Group policies required by network engineers

Group PolicyIt provides a good network management platform for our network administrators, greatly improving the efficiency and security of our network management. The responsibility of network engineers is to maintain the network security of an enterprise, because the storage and utilization of data in an enterprise is very important.

It is related to the operation of an enterprise. Therefore, if security problems occur, the loss to the company is incalculable. Therefore, the most important responsibility of network engineers is to maintain enterprise security. Group policies are an important part of security. The configured group policies not only benefit the company, but also reduce unnecessary troubles for network engineers themselves. So I am happy to tell you about the Group Policy.

1. connection object of a group of policies

1. Save group policies to GPO: gpo consists of two parts: Computer Configuration and user configuration.

2. You can connect to LSDOU.

Ii. Role of group policies

1. Easy management of the working environment of users and computers in AD

2. User desktop environment

3. script files executed during computer startup/shutdown and user logon/logout

4. Software Distribution

5. Security Settings

Iii. Concept of a site

1. The site in the Active Directory is a physically abstract concept consisting of one or more IP subnets connected through a high-speed link.

2. Relationship between sites and domains: one site can have multiple domains and one domain can have multiple sites

Site's main role: optimized replication enables users to log on to the domain controller using reliable and high-speed connections

4. Application Rules of group policies

1. Inheritance

By default, the lower-layer container inherits the GPO from the upper-layer container.

Sub-containers can prevent the parent group from inheriting policies.

2. Accumulate

If multiple group policy settings of the container do not conflict, the final valid policy is the sum of all group policy settings.

3. Application Sequence

The group policy is applied in the following order: LSDOU

First, apply the Local Group Policy Object

If a site Group Policy object exists,

Then apply the domain group policy object

If the computer or user belongs to an OU, apply the Group Policy object on the OU.

If the computer or user belongs to a sub-OU, apply the Group Policy object on the sub-OU.

If multiple Group Policy objects are linked under the same container, apply them one by one based on the priority of the policy.

5. Screening

Filtering can prevent a GPO from being applied to specific computers and users in the container.

6. Force

The group policy is applied in the following order: LSDOU

First, apply the Local Group Policy Object

If a site Group Policy object exists,

Then apply the domain group policy object

If the computer or user belongs to an OU, apply the Group Policy object on the OU.

If the computer or user belongs to a sub-OU, apply the Group Policy object on the sub-OU.

If multiple Group Policy objects are linked under the same container, apply them one by one based on the priority of the policy.

VII. Software Distribution

Obtain the Windows Installation Package file. The package contains a. msi file and necessary installation files.

Place the software installation file to a software distribution point

Create or modify GPO

Differences between distribution and Publishing

Allocation: assigned to a user or computer

Release: publish to users

Distribution ratio is more mandatory

If multiple group policy settings of the container conflict, the group policy applied later overwrites the group policy applied first.

These are basic group policies .. In fact, these content to make good use of must be good research, so these content is my careful arrangement and I in the http:// B .beidaqingniao.org and I abstract the content, I hope to help everyone.

Summary:

Group policies play a vital role in maintaining the network security of the system. The set group policies are not only beneficial to the company, but also can reduce unnecessary troubles for network engineers themselves. I hope this article will be helpful to readers. More knowledge about group policies remains to be explored and learned by readers.