Group policy : fundamentals, security, and the managed desktop /

Mostrar otras versiones (3)

The Ultimate Book on Group Policy Freshly updated to include Windows 8 and Windows Server 2012, Group Policy: Fundamentals, Security, and the Managed Desktop, Second Edition is the book for learning everything you need to know about Group Policy, no matter which version of Windows you use. Microsoft...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Moskowitz, Jeremy
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Indianapolis, Ind. : Sybex/Wiley, ©2013.
Edición:2nd ed.
Colección:Serious skills.
Temas:
Microsoft Windows (Computer file)
Operating systems (Computers)
Software configuration management.
Computer security.
Directory services (Computer network technology)
Systèmes d'exploitation (Ordinateurs)
Logiciels > Gestion de configurations.
Sécurité informatique.
Services d'annuaires (Technologie des réseaux)
operating systems.
Computer security
Software configuration management
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Machine generated contents note: ch. 1 Group Policy Essentials
  • Getting Ready to Use This Book
  • Getting Started with Group Policy
  • Group Policy Entities and Policy Settings
  • Categories of Group Policy
  • Active Directory and Local Group Policy
  • Understanding Local Group Policy
  • Group Policy and Active Directory
  • Linking Group Policy Objects
  • Final Thoughts on Local GPOs
  • Example of Group Policy Application
  • Examining the Resultant Set of Policy
  • At the Site Level
  • At the Domain Level
  • At the OU Level
  • Bringing It All Together
  • Group Policy, Active Directory, and the GPMC
  • Implementing the GPMC on Your Management Station
  • Creating a One-Stop-Shop MMC
  • Group Policy 101 and Active Directory
  • Active Directory Users and Computers vs. GPMC
  • Adjusting the View within the GPMC
  • GPMC-centric View
  • Our Own Group Policy Examples
  • More about Linking and the Group Policy Objects Container
  • Applying a Group Policy Object to the Site Level
  • Applying Group Policy Objects to the Domain Level
  • Applying Group Policy Objects to the OU Level
  • Testing Your Delegation of Group Policy Management
  • Understanding Group Policy Object Linking Delegation
  • Granting OU Admins Access to Create New Group Policy Objects
  • Creating and Linking Group Policy Objects at the OU Level
  • Creating a New Group Policy Object Affecting Computers in an OU
  • Moving Computers into the Human Resources Computers OU
  • Verifying Your Cumulative Changes
  • Final Thoughts
  • ch. 2 Managing Group Policy with the GPMC
  • Common Procedures with the GPMC
  • Raising or Lowering the Precedence of Multiple Group Policy Objects
  • Understanding GPMC's Link Warning
  • Stopping Group Policy Objects from Applying
  • Block Inheritance
  • Enforced Function
  • Security Filtering and Delegation with the GPMC
  • Filtering the Scope of Group Policy Objects with Security
  • User Permissions on Group Policy Objects
  • Granting Group Policy Object Creation Rights in the Domain
  • Special Group Policy Operation Delegations
  • Who Can Create and Use WMI Filters?
  • Performing RSoP Calculations with the GPMC
  • What's-Going-On Calculations with Group Policy Results
  • What-If Calculations with Group Policy Modeling
  • Searching and Commenting Group Policy Objects and Policy Settings
  • Searching for GPO Characteristics
  • Filtering Inside a GPO for Policy Settings
  • Comments for GPOs and Policy Settings
  • Starter GPOs
  • Creating a Starter GPO
  • Editing a Starter GPO
  • Leveraging a Starter GPO
  • Delegating Control of Starter GPOs
  • Wrapping Up and Sending Starter GPOs
  • Should You Use Microsoft's Pre-created Starter GPOs?
  • Back Up and Restore for Group Policy
  • Backing Up Group Policy Objects
  • Restoring Group Policy Objects
  • Backing Up and Restoring Starter GPOs
  • Backing Up and Restoring WMI Filters
  • Backing Up and Restoring IPsec Filters
  • Migrating Group Policy Objects between Domains
  • Basic Interdomain Copy and Import
  • Copy and Import with Migration Tables
  • GPMC At-a-Glance Icon View
  • Final Thoughts
  • ch. 3 Group Policy Processing Behavior Essentials
  • Group Policy Processing Principles
  • Don't Get Lost
  • Initial Policy Processing
  • Background Refresh Policy Processing
  • Security Background Refresh Processing
  • Special Case: Moving a User or a Computer Object
  • Windows 8 and Group Policy: Subtle Differences
  • Policy Application via Remote Access, Slow Links, and after Hibernation
  • Windows XP Group Policy over Slow Network Connections
  • Windows 8 Group Policy over Slow Network Connections
  • What Is Processed over a Slow Network Connection?
  • Using Group Policy to Affect Group Policy
  • Affecting the User Settings of Group Policy
  • Affecting the Computer Settings of Group Policy
  • Missing Group Policy Preferences' Policy Settings
  • Final Thoughts
  • ch. 4 Advanced Group Policy Processing
  • WMI Filters: Fine-Tuning When and Where Group Policy Applies
  • Tools (and References) of the WMI Trade
  • WMI Filter Syntax
  • Creating and Using a WMI Filter
  • WMI Performance Impact
  • Group Policy Loopback Processing
  • Reviewing Normal Group Policy Processing
  • Group Policy Loopback
  • Merge Mode
  • Group Policy Loopback
  • Replace Mode
  • Group Policy with Cross-Forest Trusts
  • What Happens When Logging onto Different Clients across a Cross-Forest Trust?
  • Disabling Loopback Processing When Using Cross-Forest Trusts
  • Understanding Cross-Forest Trust Permissions
  • Final Thoughts
  • ch. 5 Group Policy Preferences
  • Powers of the Group Policy Preferences
  • Computer Configuration Preferences
  • User Configuration Preferences
  • Group Policy Preferences Concepts
  • Preference vs. Policy
  • Overlap of Group Policy vs. Group Policy Preferences and Associated Issues
  • Lines and Circles and the CRUD Action Modes
  • Common Tab
  • Group Policy Preferences Tips, Tricks, and Troubleshooting
  • Quick Copy, Drag and Drop, Cut and Paste, and Sharing of Settings
  • Multiple Preference Items at a Level
  • Temporarily Disabling a Single Preference Item or Extension Root
  • Environment Variables
  • Managing Group Policy Preferences: Hiding Extensions from Use
  • Troubleshooting: Reporting, Logging, and Tracing
  • Final Thoughts
  • ch. 6 Managing Applications and Settings Using Group Policy
  • Administrative Templates: A History and Policy vs. Preferences
  • Administrative Templates: Then and Now
  • Policy vs. Preference
  • ADM vs. AD MX and ADML Files
  • ADM File Introduction
  • Updated GPMC's ADMX and ADML Files
  • ADM vs. ADMX Files
  • At a Glance
  • ADMX and ADML Files: What They Do and the Problems They Solve
  • Problem and Solution I: Tackling SYSVOL Bloat
  • Problem 2: How Do We Deal with Multiple Languages?
  • Problem 3: How Do We Deal with "Write Overlaps"?
  • Problem 4: How Do We Distribute Updated Definitions to All Our Administrators?
  • Central Store
  • Windows ADMX/ADML Central Store
  • Creating and Editing GPOs in a Mixed Environment
  • Scenario 1 Start by Creating and Editing a GPO Using the Older GPMC Edit Using Another Older GPMC Management Station
  • Scenario 2 Start by Creating and Editing a GPO with the Older GPMC Edit Using the Updated GPMC
  • Scenario 3 Start by Creating and Editing a GPO Using the Updated GPMC Edit Using Another Updated GPMC Management Station
  • Scenario 4 Start by Creating and Editing a GPO Using an Updated GPMC Management Station Edit Using an Older GPMC Management Station
  • ADM and ADMX Templates from Other Sources
  • Using ADM Templates with the Updated GPMC
  • Using ADMX Templates from Other Sources
  • ADMX Migrator and ADMX Editor Tools
  • ADMX Migrator
  • ADMX Creation and Editor Tools
  • PolicyPak Community Edition and PolicyPak Professional
  • PolicyPak Concepts and Installation
  • PolicyPak Pregame Setup
  • PolicyPak Quick Installation
  • Getting Started Immediately with PolicyPak's Preconfigured Paks
  • PolicyPak Final Thoughts and Wrap-Up
  • Final Thoughts
  • ch. 7 Troubleshooting Group Policy
  • Under the Hood of Group Policy
  • Inside Local Group Policy
  • Inside Active Directory Group Policy Objects
  • Birth, Life, and Death of a GPO
  • How Group Policy Objects Are "Born"
  • How a GPO "Lives"
  • Death of a GPO
  • How Client Systems Get Group Policy Objects
  • Steps to Group Policy Processing
  • Client-Side Extensions
  • Where Are Administrative Templates Registry Settings Stored?
  • Why Isn't Group Policy Applying?
  • Reviewing the Basics
  • Advanced Inspection
  • Client-Side Troubleshooting
  • RSoP for Windows Clients
  • Advanced Group Policy Troubleshooting with Log Files
  • Using the Event Viewer
  • Turning On Verbose Logging
  • Group Policy Processing Performance
  • Final Thoughts
  • ch.
  • 8 Implementing Security with Group Policy
  • Two Default Group Policy Objects
  • GPOs Linked at the Domain Level
  • Group Policy Objects Linked to the Domain Controllers OU
  • Oops, the "Default Domain Policy" GPO and/or "Default Domain Controllers Policy" GPO Got Screwed Up!
  • Strange Life of Password Policy
  • What Happens When You Set Password Settings at an OU Level
  • Fine-Grained Password Policy
  • Inside Auditing with and without Group Policy
  • Auditable Events Using Group Policy
  • Auditing File Access
  • Auditing Group Policy Object Changes
  • Advanced Audit Policy Configuration
  • Restricted Groups
  • Strictly Controlling Active Directory Groups
  • Strictly Applying Group Nesting
  • Which Groups Can Go into Which Other Groups via Restricted Groups?
  • Restrict Software: Software Restriction Policy and AppLocker
  • Inside Software Restriction Policies
  • Software Restriction Policies' "Philosophies"
  • Software Restriction Policies' Rules
  • Restricting Software Using AppLocker
  • Controlling User Account Control with Group Policy
  • Just Who Will See the UAC Prompts, Anyway?
  • Understanding the Group Policy Controls for UAC
  • UAC Policy Setting Suggestions
  • Wireless (802.3) and Wired Network (802.11) Policies
  • 802.11 Wireless Policy for Windows XP
  • 802.11 Wireless Policy and 802.3 Wired Policy for Windows 8
  • Configuring Windows Firewall with Group Policy
  • Manipulating the Windows XP Firewall
  • Windows Firewall with Advanced Security (for Windows 8)
  • WFAS
  • IPsec (Now in Windows Firewall with Advanced Security)
  • How Windows Firewall Rules Are Ultimately Calculated
  • Final Thoughts
  • ch. 9 Profiles: Local, Roaming, and Mandatory
  • What Is a User Profile?
  • NTUSER.DAT File
  • Profile Folders for Type 1 Computers (Windows XP and Windows 2003 Server)
  • Note continued: Profile Folders for Type 2 Computers (Windows Vista and Later)
  • Default Local User Profile
  • Default Network User Profile
  • Roaming Profiles
  • Setting Up Roaming Profiles
  • Testing Roaming Profiles
  • Roaming and Nonroaming Folders
  • Managing Roaming Profiles
  • Manipulating Roaming Profiles with Computer Group Policy Settings
  • Manipulating Roaming Profiles with User Group Policy Settings
  • Mandatory Profiles
  • Establishing Mandatory Profiles for Windows XP
  • Establishing Mandatory Profiles for Windows 8
  • Mandatory Profiles
  • Finishing Touches
  • Forced Mandatory Profiles (Super-Mandatory)
  • Final Thoughts
  • ch. 10 Implementing a Managed Desktop, Part 1: Redirected Folders, Offline Files, and the Synchronization Manager
  • Overview of Change and Configuration Management
  • Redirected Folders
  • Available Folders to Redirect
  • Redirected Documents/My Documents
  • Redirecting the Start Menu and the Desktop
  • Redirecting the Application Data Folder
  • Group Policy Setting for Folder Redirection
  • Troubleshooting Redirected Folders
  • Offline Files and Synchronization
  • Making Offline Files Available
  • Inside Windows 8 File Synchronization
  • Handling Conflicts
  • Client Configuration of Offline Files
  • Using Folder Redirection and Offline Files over Slow Links
  • Synchronizing over Slow Links with Redirected My Documents
  • Synchronizing over Slow Links with Regular Shares
  • Teaching Windows 7 and Windows 8 How to React to Slow Links
  • Using Group Policy to Configure Offline Files (User and Computer Node)
  • Troubleshooting Sync Center
  • Turning Off Folder Redirection's Automatic Offline Caching for Desktops
  • Final Thoughts
  • ch. 11 Managed Desktop, Part 2: Software Deployment via Group Policy
  • Group Policy Software Installation (GPSI) Overview
  • Windows Installer Service
  • Understanding .MSI Packages
  • Utilizing an Existing MSI Package
  • Assigning and Publishing Applications
  • Assigning Applications
  • Publishing Applications
  • Rules of Deployment
  • Package-Targeting Strategy
  • Advanced Published or Assigned
  • General Tab
  • Deployment Tab
  • Upgrades Tab
  • Categories Tab
  • Modifications Tab
  • Security Tab
  • Default Group Policy Software Installation Properties
  • General Tab
  • Advanced Tab
  • File Extensions Tab
  • Categories Tab
  • Removing Applications
  • Users Can Manually Change or Remove Applications
  • Automatically Removing Assigned or Published MSI Applications
  • Forcibly Removing Assigned or Published .MSI Applications
  • Using Group Policy Software Installation over Slow Links
  • MSI, the Windows Installer and Group Policy
  • Inside the MSIEXEC Tool
  • Patching a Distribution Point
  • Affecting Windows Installer with Group Policy
  • Deploying Office 2010 and Office 2013 Using Group Policy
  • Steps to Office 2010/2013 Deployment Using Group Policy
  • Result of Your Office Deploying Using Group Policy
  • Systems Center Configuration Manager vs. Group Policy
  • GPSI and Configuration Manager Coexistence
  • Final Thoughts
  • ch. 12 Finishing Touches with Group Policy: Scripts, Internet Explorer, Hardware Control, and Printer Deployment
  • Scripts: Logon, Logoff, Startup, and Shutdown
  • Non-PowerShell-Based Scripts
  • Deploying PowerShell Scripts to Windows 7 and Later Clients
  • Managing Internet Explorer with Group Policy
  • Internet Explorer Maintenance
  • Where Is It?
  • Managing Internet Explorer with Group Policy Preferences
  • Internet Explorer's Group Policy Settings
  • Managing Internet Explorer using the IEAK
  • Restricting Access to Hardware via Group Policy
  • Group Policy Preferences Devices Extension
  • Restricting Driver Access with Policy Settings for Windows Vista and Later
  • Getting a Handle on Classes and IDs
  • Restricting or Allowing Your Hardware via Group Policy
  • Understanding the Remaining Policy Settings for Hardware Restrictions
  • Assigning Printers via Group Policy
  • Zapping Down Printers to Users and Computers (a Refresher)
  • Final Thoughts for This Chapter and for the Book
  • Appendix A Group Policy and VDI
  • Why Is VDI Different?
  • Tuning Your Images for VDI
  • Specific Functions to Turn Off for VDI Machines
  • Group Policy Settings to Set and Avoid for Maximum VDI Performance
  • Group Policy Tweaks for Fast VDI Video
  • Tweaking RDP Using Group Policy for VDI
  • Tweaking RemoteFX using Group Policy for VDI
  • Managing and Locking Down Desktop UI Tweaks
  • Final Thoughts for VDI and Group Policy
  • Appendix B Security Configuration Manager
  • SCM: Installation
  • SCM: Getting Around
  • SCM: Usual Use Case
  • Importing Existing GPOs
  • Comparing and Merging Baselines
  • LocalGPO Tool
  • Installing SCM's LocalGPO Tool
  • Using SCM's LocalGPO
  • Final Thoughts on LocalGPO and SCM
  • Appendix C Windows Intune (And What It Means to Group Policy Admins)
  • Getting Started with Windows Intune
  • Using Windows Intune
  • Setting Up Windows Intune Groups
  • Setting Up Policies Using Windows Intune
  • Windows Intune and Group Policy Conflicts
  • Final Thoughts on Windows Intune.

Ejemplares similares