Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Group policy (GPO) on Windows Server 2008 to set IE homepage and default action to Log Out

Posted on 2011-09-29
9
Medium Priority
?
798 Views
Last Modified: 2012-05-12
Hi,

I've just discovered the joys of Group Policy and the power it gives over a set of users.

However, on a new Windows Server 2008 R2, I'm trying to acheive two things and wonder if I could be directed to where the change should be.

1) How do I set the home page for the users affected by the policy?
2) How can I make is so the default option on the Shut down button on Windows 7 is actually Log out?

Thanks for any advice.
0
Comment
Question by:afflik1923
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 5

Accepted Solution

by:
usslindstrom earned 800 total points
ID: 36813237
Group Policy is probably the best invention MS has ever come out with...  Next to AD.

Create a new policy for each.

**HomePage**
User Configuration --> Policies --> Windows Settings --> IE Maintenance --> Important URLs -->  Set it to whatever you'd like

**Change LogOff Button**
User Configuration --> Policies --> Admin Templates --> Start Menu and TaskBar
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 800 total points
ID: 36813262
Hi,

please check this MS as reference. This setting for Win7 "Shut down" button can be changed to "log off" under "User Configuration\Administrative Templates\Start Menu and Taskbar" in policy "Change Start Menu power button"
http://technet.microsoft.com/en-us/library/ee617162%28WS.10%29.aspx

For homepage you can use

User Configuration -> Policies -> Windows Settings -> Internet Explorer Maintenance -> URLs
define there Home Page.

Remember that both policies are applied to users. So, link them to users OU (and it doesn't matter where they would be loggin, settings will always apply)

Regards,
Krzysztof
0
 
LVL 37

Assisted Solution

by:Neil Russell
Neil Russell earned 400 total points
ID: 36813330
Welcome to the world of group policies.

Now get yourself over to a website called www.gpanswers.com  and start really using them! :D
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:afflik1923
ID: 36814040
OK. Great. I'm still new so alow me anohter question.

Do I need to make the policu
"Enforced"

I did on the first one I did, but the deftaul is for Enforced is No once I create it.
Does Enforced need to be on to make it work, or does this actually means something like, always do this policy even if X scenario  - or something like that
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 800 total points
ID: 36814164
Enforce is used only to force GPO appliance in an OU where some other administrator enabled "block inheritance"
If you don't see blue exclamation mark on an OU within GPMC console, do not set up "Enforce". It will still be applying without that settinsg :)

Krzysztof
0
 
LVL 5

Expert Comment

by:usslindstrom
ID: 36814800
iSiek's right.  Try to avoid "Enforce" as much as possible, if you find yourself overly relying on that option, you may need to rethink your group policy / ad structure and design.

Usually "Enforce" is stuff like, where your organization uses folder redirection/roaming profiles and it's set at the Site level OU in your domain for your users.  - There may be a requirement that a few users aren't applied the folder redirection policy, and there's no real rhyme or reason on the location of those users.  In a case like that, you could create an AD group for "Local Folders Only," and assign a group policy on that group to deny that sort of stuff which would be "Enforced".

In group policy, it's backwards from what you might think.  The last policy processed is actually the most important when it comes to GP.  So, if you set something at a higher level that you need to make sure none of the lower levels overwrite, that's what "Enforce" is for.

But as I mentioned before, a good OU structure / Group Policy plan doesn't have much need for that option.  - But it's there if you need it.
0
 

Author Comment

by:afflik1923
ID: 36818629
All sounds very good. One more pointer that would be handy. On the Windows 7 workstation I want by default for
Outlook, Word, Excel all to be pinned on the taskbar in Windows 7 (maybe some other applications)

what would be the group policy for that?

Many many thanks.
0
 
LVL 5

Assisted Solution

by:usslindstrom
usslindstrom earned 800 total points
ID: 36820886
You're moving from group policy, and into the realm of default profiles here...

Here are the majority of options you have at your disposal when dealing with the taskbar - as far as group policy is concerned.

http://technet.microsoft.com/en-us/library/ee617162(WS.10).aspx




For things such as that, you could develop a GPO to do that, but you're adding the requirement of having that software title on each and every PC (Most likely the case with office anyway) - but something to be aware of.

Unless it's installing software or something similar, I don't keep any software settings in Group Policy.  It's all definately possible though.
0
 

Author Closing Comment

by:afflik1923
ID: 36930339
Many thanks for the GP tips.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question