WHY EXTENDING GROUP POLICY MAKES SENSE FOR YOUR WINDOWS ENTERPRISE



Similar documents
SECURE YOUR WINDOWS ENTERPRISE WITH STRONG PASSWORD MANAGEMENT

Top 10 Security Hardening Settings for Windows Servers and Active Directory

Installing, Configuring, and Managing a Microsoft Active Directory

Securing Active Directory Correctly

Best Practices for an Active Directory Migration

Installation Guide. . All right reserved. For more information about Specops Inventory and other Specops products, visit

MS 50255B: Managing Windows Environments with Group Policy (4 Days)

How to monitor AD security with MOM

Course Outline. Configuring, Managing & Maintaining Windows 2008 Server. Course Description: Pre-requisites:

Managing and Maintaining a Microsoft Windows Server 2003 Environment

Managing Windows Environments with Group Policy 50255D; 5 Days, Instructor-led

MS-50255: Managing, Maintaining, and Securing Your Networks Through Group Policy. Course Objectives. Required Exam(s) Price.

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Group Policy for Beginners

Specops Command. Installation Guide

Next-Gen Monitoring of Active Directory. Click to edit Master title style

50255: Managing Windows Environments with Group Policy

SSM6437 DESIGNING A WINDOWS SERVER 2008 APPLICATIONS INFRASTRUCTURE

THE POWER OF GROUP POLICY

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

Configuring and Troubleshooting Windows 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Administering Windows Server 2012

NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment

NE-6425C Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Effective Ways to Manage User Life Cycle in Active Directory

COMPLETE COMPUTING, INC.

ExecuTrain Course Outline Configuring & Troubleshooting Windows Server 2008 Active Directory Domain Services MOC 6425C 5 Days

Configuring, Managing and Maintaining Windows Server 2008 Servers

Managing Windows Environments with Group Policy

6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Build Your Knowledge!

Managing Enterprise Devices and Apps using System Center Configuration Manager

Chapter. Managing Group Policy MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

MS-6425C - Configuring Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0

Course: Configuring and Troubleshooting Windows Server 2008 Active Direct-ory Domain Services

M6419 Configuring, Managing and Maintaining Windows Server 2008 Servers

M6425a Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring Managing and Maintaining Windows Server 2008 Servers (6419B)

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain MOC 6425

MOC 6419: Configuring, Managing, and Maintaining Windows Server 2008

Administering Windows Server 2012

Administering Windows Server 2012

Course 6425C: Five days

Course MS20696A Managing Enterprise Devices and Apps using System Center Configuration Manager

Managing Enterprise Devices and Apps using System Center Configuration Manager 20696B; 5 Days, Instructor-led

6419: Configuring, Managing, and Maintaining Server 2008

Automating Microsoft

5 Challenges in Active Directory Management and How to Manage Them

6425C - Windows Server 2008 R2 Active Directory Domain Services

NetIQ Group Policy Administrator User Guide

Cursuri Certificare Microsoft

Outline SSC Configuring and Troubleshooting Windows Server 2008 Active Directory

MS 6419 Configuring, Managing and Maintaining Windows Server 2008-based Servers

Managing and Maintaining a Windows Server 2003 Network Environment

Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory. Infrastructure. Key Data. Audience. At Course Completion

COURSE 20411D: ADMINISTERING WINDOWS SERVER 2012

Administering Windows Server 2012

Windows Boston. Group Policy Group Policy Basics. Published 2007 Clyde G. Johnson, MCSE, A+

Netwrix Auditor. Role-Based Access. Version: /27/2015

Course Administering Windows Server About this Course. Level: 200 Technology: Windows Server 2012

Preparing leaders by blending high-demand tech skills with soft skills. Directory Services. General Course Syllabus. Prerequisites: IT 463

MICROSOFT BITLOCKER ADMINISTRATION AND MONITORING (MBAM)

Windows Server 2012 R2 Certification

Documentation. CloudAnywhere. Page 1

Backup Exec System Recovery Management Solution 2010 FAQ

Windows Group Policy Resource Kit: Windows Server 2008 and Windows Vista

How To Configure An Active Directory Domain Services

Administering Windows Server 2012

411-Administering Windows Server 2012

Managing and Maintaining Windows Server 2008 Active Directory Servers

Administering Windows Server 2012

Outline SSS Configuring and Troubleshooting Windows Server 2008 Active Directory

Configuring, Managing and Maintaining Windows Server 2008 Servers

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

20696B: Administering System Center Configuration Manager and Intune

Group Policy and Organizational Unit Re-Structuring Template

Administering Windows Server 2012

Selecting the Right Active Directory Security Reports for Your Business

Active Directory Services with Windows Server

NE-20411D Administering Windows Server 2012

Course Outline. Course 6419 : Configuring, Managing and Maintaining Windows Server 2008-based Servers. Duration: 5 Days

Configuring and Managing Microsoft System Center Essentials 2010

Windows 2008 Server DIRECTIVAS DE GRUPO. Administración SSII

How To Write A Gpmc Script For A Gpc (Windows 2003) On A Windows 2000 (Windows 2000) On Your Computer Or Your Computer (Windows 3) On An Ipad Or Ipad (Windows 2) On The Macbook

Course 6419A: Configuring, Managing and Maintaining Windows Server 2008 Servers

Outline SSS Microsoft Windows Server 2008 Hyper-V Virtualization

Out n About! for Outlook Electronic In/Out Status Board. Administrators Guide. Version 3.x

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

Desktop Authority vs. Group Policy Preferences

Group Policy 21/05/2013

Administering Windows Server 2012 Course M Day(s) 30:00 Hours

Configuring, Managing and Maintaining Windows Server 2008-based Servers

ACTIVE MICROSOFT CERTIFICATIONS:

Transcription:

Specops Software presents: WHY EXTENDING GROUP POLICY MAKES SENSE FOR YOUR WINDOWS ENTERPRISE By Derek Melber, MCSE, MVP

Why Extending Group Policy Makes Sense for Your Windows Enterprise... 3 Every Active Directory Installation Uses Group Policy...3 Everyone Understands Group Policy Already...3 Group Policy Extensions Use Existing Infrastructure and Technology... 4 Group Policy Extensions Use Existing Security Model... 4 Group Policy Extensions Increase Your Return on Investment... 4 Group Policy Extensions Decrease Administrative Costs... 4 About the author:... 5 Why Extending Group Policy Makes Sense for Your Windows Enterprise 2

Why Extending Group Policy Makes Sense for Your Windows Enterprise Microsoft designed Group Policy to be the centralized solution for securing and controlling all Windows desktops and servers in an Active Directory domain. Group Policy has proven to be stable, reliable, and capable of performing exactly as it was designed. Microsoft has placed a significant interest in Group Policy and continues to emphasize the value and use consistently. Every time Microsoft releases a new operating system or major service pack, Group Policy is enhanced and broadened. Microsoft has also asked all departments and products to contribute controls to increase the value and reach of Group Policy. Microsoft also designed Group Policy to be extensible. This is how Microsoft is able to enhance and broaden the capabilities of Group Policy so easily. Group Policy extensibility also allows you to include features, capabilities, and controls to your Active Directory enterprise by including extensions from third party Group Policy companies. Multiple passwords in the same Windows 2003 domain, end user password reset, desktop software and hardware inventory are just a few of the amazing features that you can include by extending Group Policy. Every Active Directory Installation Uses Group Policy Group Policy is installed, configured, and enabled during the installation of Active Directory. This means that if you have Active Directory installed, you already use Group Policy. Both the domain controllers and desktops have everything they need to take advantage of Group Policy. The core security for the domain controllers and basic user account passwords is controlled by the default installation of Group Policy. Extending Group Policy does not require any additional modifications to the existing Group Policy infrastructure. Extending Group Policy only requires that the new settings become available for administration and all clients are configured to receive them during the standard Group Policy application. Everyone Understands Group Policy Already Group Policy has been available since the release of Windows 2000 Active Directory. Active Directory administrators understand Group Policy and know how to configure the settings that are available within the default Group Policy. The standard interfaces for administering Group Policy are well known, as well as the configuration options such as linking, enforcing, and filtering. Administrators know what options are available within Group Policy, as well as which settings are missing. Group Policy extensions provide features and settings to the default Group Policy which are not provided by Microsoft. The settings from the extensions are administered in the same Group Policy tools as the default settings, making it easy and straightforward for administrators to configure the new settings. Why Extending Group Policy Makes Sense for Your Windows Enterprise 3

Group Policy Extensions Use Existing Infrastructure and Technology Since Microsoft designed Group Policy to support extensions and new features, additional settings and features provided by extensions do not require new technology, interfaces, or modifications to Active Directory. The Active Directory schema and other key structural components do not need to be modified, extended, or altered for Group Policy extensions to be installed and configured. Group Policy extensions use the Group Policy Management Console (GPMC) for the creation, configuration, and management of the new settings that are installed. For more control over tracking, offline editing, backup, and security, all extensions can also be managed using the Advanced Group Policy Management (AGPM) tool by Microsoft. Both the GPMC and AGPM are proven and stable tools that are both provided by Microsoft. Group Policy Extensions Use Existing Security Model Active Directory uses both user accounts and group accounts to manage security for resources within the domain. Group Policy relies on these users and groups to control administration, delegation, and deployment of the settings configured within Group Policy. Settings such as user rights, security group membership, and item-level targeting rely heavily on user and group configurations. Group Policy extensions that can leverage targeting and unique configurations based on user and group accounts leverage the existing users and groups that are configured and stored within Active Directory. This means that additional security databases, configuration interfaces, and synchronization of security objects are not required because Group Policy has been extended to include new settings and features. Group Policy Extensions Increase Your Return on Investment The bottom line to using Active Directory, Group Policy, and extending Group Policy is consistency of management tools, security configuration, and use of the core existing infrastructure. Since Group Policy extensions leverage what is already installed, the cost for configuration and management of the new settings introduced by the extensions is negligible. Active Directory environments that run mostly Windows computers should take advantage of Group Policy extensions to increase management efficiency and reduce overall cost for managing all computers in the domain. Solutions to add functionality and settings by using agents, extending Active Directory, customizing interfaces with scripts and coding, and creating custom interfaces is costly and very difficult to manage. For an environment that has a majority of the servers and desktops running Windows, these solutions are outdated. Group Policy Extensions Decrease Administrative Costs Microsoft provides default Group Policy administrative tools such as the GPMC and AGPM. These tools are installed and used by default for all Group Policy management. The GPMC is used to create, configure, manage, maintain, and troubleshoot Group Policy by default. Why Extending Group Policy Makes Sense for Your Windows Enterprise 4

Group Policy extensions also use the GPMC and AGPM, keeping the overall management and efficiency of Group Policy management consistent. Other custom solutions that use scripts, Active Directory extensions, or proprietary interfaces require that custom interfaces be used to manage the new settings. This additional interface causes increased education requirements, complexity, and administrative overhead. About the author: Derek Melber is President of BrainCore.Net, where he does authoring, speaking, and consulting for some of the largest companies in the world. Derek is author of the Microsoft Press Group Policy Resource Kit and one of only 8 Group Policy MVPs in the world. Derek evangelizes and educates on Microsoft Windows Active Directory, Group Policy, security, and desktop management. You can reach Derek at derekm@braincore.net. Why Extending Group Policy Makes Sense for Your Windows Enterprise 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information