Differences

This shows you the differences between two versions of the page.

--- networking:windows:active_directory:group_policy [2012/02/12 09:50]
127.0.0.1 external edit
+++ networking:windows:active_directory:group_policy [2021/03/18 09:07] (current)
gcooper
@@ Line 1: / Line 1: @@
 ====== Windows Group Policy ======
+**Loopback**: http://deployhappiness.com/loopback-policy-how-a-computer-gets-a-transgender-operation
+**Policy or Preference**: http://deployhappiness.com/policy-or-preference
+===== Applying Group Policies =====
+:!: You must create Active Directory Organizational Units (OUs) to apply group policies against.  You can't apply policies to the built-in AD containers.
+:!: Policies apply to either users or computers.  Loopback processing can make user policies apply to certain computers.
+:!: Group policies often seem not to 'take effect' when you think they should.
+:!: Time plays an underestimated role in the activation or roll-out of group policies.  Test it again in the morning!
+  - Make the policy change on the domain controller
+  - Run ''gpupdate /force'' on domain controller
+  - Run ''gpupdate /force'' on workstation computer
+  - Reboot workstation computer
+  - Test the policy
 ===== Tools =====
@@ Line 10: / Line 30: @@
   * **Start -> Run -> gpedit.msc**
+View resultant policies:
+  * **Start -> Run -> rsop.msc**
+Use the CLI:
+https://mashtips.com/how-to-use-the-group-policy-results-gpresult-exe-command-line-tool/
+<file>
+gpupdate /force
+gpresult /R
+gpresult -H GPResult.html
+</file>
+Check computer group membership:
+<file>
+Get-ADComputer "tucson-svr" -Properties MemberOf
+gpresult /scope computer /v
+net localgroup
+</file>
 ===== Multiple AD Sites =====
@@ Line 17: / Line 63: @@
   * **Right-click container -> Block Inheritance**
+===== Without Windows Servers =====
+http://www.nitrobit.com/grouppolicy.html
+http://www.nitrobit.com/products.html
+http://www.nitrobit.com/order_ngp.html
+===== Logon as Batch Job =====
+http://technet.microsoft.com/en-us/library/gg563788.aspx
+Edit an existing group policy, or add a new one, and add 'Administrators':
+**Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment -> Log on as Batch Job**
+===== RDS Desktop Backgrounds =====
+:!: By default, background images are not displayed nor can users change the background unless the RDP client is set to 'Lan' or the best connection speed in the client settings.
+:!: If you set a solid color background at a fast speed, the setting will 'stick' even when going back to slower connection speeds
+:!: You have to have Desktop backgrounds enabled in the client before any of the following server-side stuff will work.
+==== Using Registry ====
+http://virot.eu/push-a-solid-colored-background-to-a-windows-server-2012-or-later/
+==== Using Group Policy ====
+http://social.technet.microsoft.com/Forums/windowsserver/en-US/9c72a524-507f-4861-a9de-0b42c711897a/how-to-change-desktop-background-color-of-windows-2008-r2-remote-desktop-server-users?forum=winserverTS
+==== Using ADM Templates ====
+http://www.techieshelp.com/set-desktop-background-colour-with-a-gpo/

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools