A new domain with a new domain controller for the engineering department was recently installed in the workplace. A GPO needs to be created to include various password policies, account lockout policies, audit policies, local user rights, and security options. The GPO has to be able to be applied to any organizational level within the domain, such as at the OU level or at the domain level itself. What steps must be taken to create the GPO and edit the appropriate settings in the GPO? Where can the policies be found within the GPO? All help is greatly appreciated, thanks.
-
First, if you really don't know anything about GPO, you probably shouldn't be editing them. It's quite easy to break all kinds of things by editing the wrong setting, or applying the wrong combination of settings.
On the domain controller, open Group Policy Management from Administrative Tools on the Start Menu. Find the Domain Policy in the tree on the left; right click it and select Edit.
For Password Policies find: Domain Policy\Computer Configuration\Windows Settings\Security Settings\ Account Policies.
Note that these settings will apply to Domain Accounts and Local Accounts on Computers.Audit Policy, User Rights Assignment, and other Security Options find: Domain Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies
Note that this will apply to all servers, all domain controllers, and all client computers in the domain.If you don't want these settings to apply to all accounts and computers in the domain; you'll need to organize OUs, place the objects in those, and apply GPOs to those OUs. This is not a simple task and really should be done by someone who knows what they're doing.
rlopez6570 : Thank you very much I appreciate your time and feedback!From Chris S
0 comments:
Post a Comment