?
Solved

Group Policy Preferences - What are we missing

Posted on 2014-01-14
6
Medium Priority
?
755 Views
Last Modified: 2014-01-14
We are currently only using 2003 DCs in one of our environments.  After introducing Server 2012R2 machines we noticed that Group Policy for IE was no longer applying.

We found the problem was that IE10 no longer would use the IEM settings in our GPO, and would only use GPP.  Of course with no 2k8 DCs, we have no GPP settings.


My question is: What other issues could we face by not having GPPs?  Is IE10 the first item to REQUIRE gpp to work properly?  We are working on making a case to management and I figured you all would be a great resource!
0
Comment
Question by:ServerNotFound
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 668 total points
ID: 39780047
Group policy preferences are not server specific. They are client specific. If your clients have IE10, then you are running windows 7+. If you are running Windows 7, you have preferences.

Setup a Windows 7/8/8.1 machine with RSAT. Use that to edit preferences.

http://deployhappiness.com/internet-explorer-maintenance-replacements/
0
 
LVL 42

Assisted Solution

by:Adam Brown
Adam Brown earned 668 total points
ID: 39780056
There were some Group Policy settings on 2003 that worked for IE10, but as you've seen those get superseded by Group Policy Preference settings. As far as I know, that's the only thing you'll really run into that does that. Jmoody's recommendation on using a windows 7/8 machine to inject GPP into your existing group policies is also a valid thing to remember.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 39780097
Lots of other stuff is made much easier with GPP - mapping drives, setting printers etc to name but two
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:ServerNotFound
ID: 39780212
Thank you all.  

Looking at using Admin Templates instead, but don't have the whole process yet.  

I was kinda hoping there would be other good reasons to make the move to GPP, but I think the one area we have (IE10) we likely won't get any traction.
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 664 total points
ID: 39780387
GPP can save you from lot of startup \ logon scripts
Your local client computer management such as admin rename, password change, file copying process, new  folder creation, registry modifications, group modifications, map drives, home drives, printers can be mapped with GPP.
Also you can use GPP for item level targeting such as you can filter policies OS wise such as XP, win7
Also you can create schedule tasks, service management.
Also all GPP tasks run under system account of local machine, so you need not to provide explicit permissions to users

http://blogs.technet.com/b/nmercer/archive/2007/11/19/group-policy-preferences.aspx

Mahesh
0
 
LVL 42

Expert Comment

by:Adam Brown
ID: 39780407
GPP will basically save you a lot of headaches, as mentioned. If you have a Server 2012 DC, there's no reason *not* to utilize them for what they do (mapping drives, setting power profiles, etc), as it is much easier than writing scripts that do the same thing.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question