Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » windows » active_directory » group_policy
Trace: ahsay_restore aoe dnsmasq msp_rmm_site_concentrator
networking:windows:active_directory:group_policy

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:windows:active_directory:group_policy [2014/07/24 15:53]
gcooper 		networking:windows:active_directory:group_policy [2021/03/18 09:07] (current)
gcooper
Line 1: Line 1:
 ====== Windows Group Policy ====== ====== Windows Group Policy ======
 +
 +**Loopback**: http://deployhappiness.com/loopback-policy-how-a-computer-gets-a-transgender-operation
 +
 +**Policy or Preference**: http://deployhappiness.com/policy-or-preference
 +
 +===== Applying Group Policies =====
 +
 +:!: You must create Active Directory Organizational Units (OUs) to apply group policies against.  You can't apply policies to the built-in AD containers.
 +
 +:!: Policies apply to either users or computers.  Loopback processing can make user policies apply to certain computers.
 +
 +:!: Group policies often seem not to 'take effect' when you think they should.
 +
 +:!: Time plays an underestimated role in the activation or roll-out of group policies.  Test it again in the morning!
 +
 +  - Make the policy change on the domain controller
 +  - Run ''gpupdate /force'' on domain controller
 +  - Run ''gpupdate /force'' on workstation computer
 +  - Reboot workstation computer
 +  - Test the policy
  
 ===== Tools ===== ===== Tools =====
Line 10: Line 30:
  
   * **Start -> Run -> gpedit.msc**   * **Start -> Run -> gpedit.msc**
 +
 +View resultant policies:
 +
 +  * **Start -> Run -> rsop.msc**
 +
 +Use the CLI:
 +
 +https://mashtips.com/how-to-use-the-group-policy-results-gpresult-exe-command-line-tool/
 +
 +<file>
 +gpupdate /force
 +
 +gpresult /R
 +
 +gpresult -H GPResult.html
 +</file>
 +
 +Check computer group membership:
 +
 +<file>
 +Get-ADComputer "tucson-svr" -Properties MemberOf
 +
 +gpresult /scope computer /v
 +
 +net localgroup
 +</file>
  
 ===== Multiple AD Sites ===== ===== Multiple AD Sites =====
Line 35: Line 81:
 ===== RDS Desktop Backgrounds ===== ===== RDS Desktop Backgrounds =====
  
-:!: By default, background images are not displayed nor can users change the background unless the RDP client is set to 'Lan' or the best connection speed.+:!: By default, background images are not displayed nor can users change the background unless the RDP client is set to 'Lan' or the best connection speed in the client settings. 
 + 
 +:!: If you set a solid color background at a fast speed, the setting will 'stick' even when going back to slower connection speeds 
 + 
 +:!: You have to have Desktop backgrounds enabled in the client before any of the following server-side stuff will work.
  
 ==== Using Registry ==== ==== Using Registry ====
networking/windows/active_directory/group_policy.1406238836.txt.gz · Last modified: 2014/07/24 15:53 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki