Posts tagged ‘Advanced Group Policy Management’

« Previous Entries

Video: All about Advanced Group Policy Management (a.k.a. AGPM)

01/02/2012, 11:04 am

AGPM_LogoA video by fellow MVP Kurt Roggen  has just been released on TechNet Edge about the Advanced Group Policy Management tool. I have posted a few article about AGPM before (starting here) but this video is a great primer for the product talking about what it does, how to install it and how to use the product.


Source http://technet.microsoft.com/en-us/edge/Video/hh706152

Tags: ,
Category: Video  |  1 Comment

AGPM Part 7: How to makes changes to existing uncontrolled GPO’s in AGPM

14/06/2010, 8:27 pm

This post is part of a series of posts about Advanced Group Policy Management. If you want to see the other post in this series you can use the links below:

  1. Introduction to Advanced Group Policy Management (a.k.a AGPM) v4
  2. How to install the Advanced Group Policy Management Client v4
  3. How to install the Advanced Group Policy Management (AGPM) Server v4
  4. How to configure the AGPM client via Group Policy to automatically connect to the AGPM server
  5. Delegating permission to Review/Edit GPO’s in AGPM
  6. How to create make changes to Group Policy Objects in AGPM
  7. How to makes changes to existing uncontrolled GPO’s in AGPM

Editing existing uncontrolled GPO’s in AGPM

If you are deploying AGPM into an existing environment (and you probably are) then you will probably want to editing you existing GPO’s. Any GPO that is not managed by AGPM is called an “Uncontrolled” GPO and as such will not be touched until it is specifically made into a “Controlled” policy.

Step 1. Logon as Alan to a computer that has GPMC and the AGPM client

Step 2. Open GPMC and click on Change Control and then then Uncontrolled tab then right click on the GPO you want to “Control” and then click on Control…

 

image

 Step 3. Add a comment to the GPO as its initial comment then click OK

 

image

This Group Policy is now “controlled”

 image

Hopefully this has series given you enough of an introduction to AGPM to get it installed and start to perform basic changes and approvals to GPO setting …

If you want more information on Advanced Group Policy Management then here is a list of link to pages I have found useful:

Microsoft MDOP Blog
TechNet: Overview of Advanced Group Policy Management
TechNet: A Video tour of Advanced Group Policy Management
TechNet: Technical Overview of AGPM
TechNet: What’s New in AGPM

TechNet: Choosing Which Version of AGPM to Install
TechNet: Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0
TechNet: Operation Guide for Microsoft Advanced Group Policy Management 4.0
Group Policy Blog: Importing and Exporting with AGPM

Tags: , ,
Category: Tutorials  |  7 Comments

AGPM Part 6: How to create make changes to Group Policy Objects in AGPM

14/06/2010, 8:24 pm

This post is part of a series of posts about Advanced Group Policy Management. If you want to see the other post in this series you can use the links below:

  1. Introduction to Advanced Group Policy Management (a.k.a AGPM) v4
  2. How to install the Advanced Group Policy Management Client v4
  3. How to install the Advanced Group Policy Management (AGPM) Server v4
  4. How to configure the AGPM client via Group Policy to automatically connect to the AGPM server
  5. Delegating permission to Review/Edit GPO’s in AGPM
  6. How to create make changes to Group Policy Objects in AGPM
  7. How to makes changes to existing uncontrolled GPO’s in AGPM

Creating and Editing GPO’s in AGPM

Now you are going to logon as John and create a fresh new Controlled GPO to have it then approved by Alan.

Step 1. Logon as John to a computer that has GPMC and the AGPM client

Step 2. Open GPMC and right click on Change Control and then click on New Controlled GPO…

 

image

Step 3. Fill in the submission field so that an email will be sent to the AGPM administrator to review the New Controlled GPO Request then click Submit

 

image

Step 4. Click Close

 

Note: In this example I don’t have a mail serve configured so the sending the of the email failed.

image

Step 5. Click on the Pending Tab. You can now see the Pending request waiting for approval.

image

Now we will approve the New Controlled GPO request.

Step 6. Logon as Alan to a computer that has GPMC and the AGPM client

Step 7. Open GPMC and right click on Change Control then click on the Pending tab and the right click on the pending request and click on Approve…

 

image

Step 8. Add a comment before you confirm the Approval action then click Yes

 

image

Step 9. Wait for it to Approve and then click Close

 

image

Note: It is this stage that Alan can link the GPO manually to the Organisational Unit (OU).

NEXT > How to makes changes to existing uncontrolled GPO’s in AGPM

Tags: , ,
Category: Tutorials  |  6 Comments

AGPM Part 5: Delegating permission to Review/Edit GPO’s in AGPM

14/06/2010, 8:23 pm

This post is part of a series of posts about Advanced Group Policy Management. If you want to see the other post in this series you can use the links below:

  1. Introduction to Advanced Group Policy Management (a.k.a AGPM) v4
  2. How to install the Advanced Group Policy Management Client v4
  3. How to install the Advanced Group Policy Management (AGPM) Server v4
  4. How to configure the AGPM client via Group Policy to automatically connect to the AGPM server
  5. Delegating permission to Review/Edit GPO’s in AGPM
  6. How to create make changes to Group Policy Objects in AGPM
  7. How to makes changes to existing uncontrolled GPO’s in AGPM

Delegating permission in AGPM

This section show you how to delegate permission to a user to either review or edit group policy object via AGPM.

Step 1. Open GPMC on a computer that you have installed the AGPM client on.

Step 2. Navigate and click on Change Control option and then the Domain Delegation tab then click Add

 

image

Step 3. Select the user John and then select the Editor from the role field then click OK

 

image

John now has Reviewer/Edit access to AGPM (that was easy!).

image

NEXT > How to create make changes to Group Policy Objects in AGPM

Tags: , ,
Category: Tutorials  |  5 Comments

AGPM Part 4: How to configure the AGPM client via Group Policy to automatically connect to the AGPM server

14/06/2010, 8:22 pm

This post is part of a series of posts about Advanced Group Policy Management. If you want to see the other post in this series you can use the links below:

  1. Introduction to Advanced Group Policy Management (a.k.a AGPM) v4
  2. How to install the Advanced Group Policy Management Client v4
  3. How to install the Advanced Group Policy Management (AGPM) Server v4
  4. How to configure the AGPM client via Group Policy to automatically connect to the AGPM server
  5. Delegating permission to Review/Edit GPO’s in AGPM
  6. How to create make changes to Group Policy Objects in AGPM
  7. How to makes changes to existing uncontrolled GPO’s in AGPM

Configuring the AGPM Client

This section describes the process of how to automatically connect AGPM client to the AGPM server you have in your forest. If you do not perform this option step then each person that uses the AGPM will need to manually configure the Client to the correct AGPM server.

Step 1. Edit the Default Domain Policy using the Group Policy Management Editor (GPME) and navigate to Users Configuration > Policies > Administrative Templates > Windows Components > AGPM then edit the AGPM: Specify default AGPM Server (all domains)

 

image

Step 2. Tick Enable and then type the name/IP address then :Port number of the AGPM Server in the text field then click OK

(Hopefully this is the last non-managed GPO change you ever make again)

image

NEXT > Delegating permission to Review/Edit GPO’s in AGPM

Tags: , ,
Category: Tutorials  |  6 Comments
« Previous Entries