Posts tagged ‘GPMC’

« Previous Entries
Next Entries »

Active Directory and Group Policy… Would you like to know more?

29/07/2010, 11:01 am

Ned Pyle from the Active Directory Service team has just done a super post to the Ask the Directory Services Team called Post-Graduate AD Studies. This is a collection of links to pretty much every AD/Group Policy related TechNet article known to man. Definitely a post that you will want to bookmark to use as a reference whenever you have any AD or Group Policy related problems or questions.

Below is a list of all the Group Policy related articles that are listed in the post:

Check out the whole article at: Post-Graduate AD Studies – Ask the Directory Services Team – Site Home – TechNet Blogs.

P.S. Can anyone pick where I got the inspiration for the title?

Tags: , ,
Category: Other Site Links  |  7 Comments

Best Practice: Group Policy Design Guidelines – Part 2

27/07/2010, 7:00 pm

In my previous article In this article Best Practice:Active Directory Structure Guidelines – Part 1 I spoke about some of the guidelines I personally use when developing an Active Directory OU structure. In this next part I will discuss some guidelines I use when designing a Group Policy Object infrastructure.

Ideally you should make the the Active Directory OU and GPO design decision together to best ensure that you have the most efficient design possible. However if you have an existing OU structure designed a lot of these guidelines can still be applied to most existing environments.

As in Part 1 these are simply guidelines that I use and should not be taken as hard an fast rules. I quite often finding myself having to break these rules due to real world conflicts or just because one rule might conflict with the other rule. If you do find your self in a situation where you are not sure which path to take try to chose the option that will result in the least administrative effort in the long term.

Continue reading ‘Best Practice: Group Policy Design Guidelines – Part 2’ »

Tags: , , , , , , , , , , , , , ,
Category: Best Practice, Tutorials  |  22 Comments

The complete list of Group Policy Hotfix’s in Windows 7/2008 R2 Service Pack 1

13/07/2010, 8:32 am

windows-7-logoThe beta of Windows 7/Server 2008 R2 Service Pack 1 beta has now been released to the public for testing. For your benefit I have parsed through the complete list of hotfixes and I have listed out all the group policy specific setting. If you just want the service pack right now you can download it here http://technet.microsoft.com/en-us/evalcenter/ff183870.aspx

I have highlighted the two hotfixes that stand out it my mind as the issues that have been most annoying bugs with group policy with Windows 7 RTM.

I have also posted an installation screenshot walk though on my other blog here http://www.smartergeek.info/2010/07/install-screenshots-windows-7-service-pack-1-beta/

Hotfix Description Link to support article
After Internet Explorer Maintenance Group Policy settings are configured in a domain, a 20-second delay occurs when you log on to the domain from a client computer that has Internet Explorer 7 or Internet Explorer 8 installed http://support.microsoft.com/kb/941158
FIX: You cannot import or paste some group policies across domains by using the “Group Policy Management” MMC snap-in http://support.microsoft.com/kb/969867
SceCli 1202 events are logged every time Computer Group Policy settings are refreshed on a computer that is running Windows Server 2008 R2 or Windows 7 http://support.microsoft.com/kb/974639
Roaming user profile cache is not deleted from a Windows Server 2003-based computer if Group Policy preferences and Internet Explorer Maintenance Group Policy settings are used http://support.microsoft.com/kb/975619
LDAP filters in the Group Policy preference settings do not take effect on a computer that is running Windows Server 2008 R2 or Windows 7 http://support.microsoft.com/kb/976398
FIX: You cannot apply Group Policy settings on a computer that is running Windows 7 or Windows Server 2008 R2 when security group filters are used in Group Policy preference settings http://support.microsoft.com/kb/976399
A Group Policy Immediate Task preference item does not run on a client computer that is running Windows 7 or Windows Server 2008 R2 http://support.microsoft.com/kb/977353
The SceCli 1202 events are logged when some Group Policy settings are refreshed in Windows Server 2008 R2 and in Windows 7 http://support.microsoft.com/kb/977695
The “Desktop Wallpaper” Group Policy setting is not applied in Windows 7 or in Windows Server 2008 R2 http://support.microsoft.com/kb/977944
Logoff process stops responding after you create a logoff Group Policy script on a client computer that is running Windows Vista or Windows Server 2008 http://support.microsoft.com/kb/978489
The Group Policy Management Editor window crashes when you apply some changes for NRPT policy settings http://support.microsoft.com/kb/978837
Error message when you view or modify the migrated Group Policy objects in Windows Server 2008 R2: “Attribute cannot be empty” http://support.microsoft.com/kb/979039
After you apply a WMI filter, the GPO does not take effect on a client computer that is running Windows 7 or Windows Server 2008 R2 http://support.microsoft.com/kb/979383
Some Group Policy preferences are not applied successfully on computers that are running Windows 7 or Windows Server 2008 R2 http://support.microsoft.com/kb/979731
The “Allow the printing of background colors and images” Group Policy setting does not take effect on a computer that has Internet Explorer 8 installed http://support.microsoft.com/kb/980077
The “Load a specific theme” Group Policy setting is not applied correctly on a computer that is running Windows 7 or Windows Server 2008 R2 http://support.microsoft.com/kb/980628
The “Configure new tab page default behavior” Group Policy setting does not work on a computer that is running Windows 7 or Windows Server 2008 R2 and that has Internet Explorer 8 installed http://support.microsoft.com/kb/980959
The Group Policy preference settings for the “Terminal Session” item-level targeting item are not applied in Windows 7 or in Windows Server 2008 R2 http://support.microsoft.com/kb/981054
You can still unpin a program from the taskbar unexpectedly when you enable the “Do not allow pinning programs to the Taskbar” Group Policy on a computer that is running Windows 7 or Windows Server 2008 R2 http://support.microsoft.com/kb/981177
You cannot create a software installation Group Policy setting on a read-only domain controller in Windows Server 2008 R2 http://support.microsoft.com/kb/981265
Error message occurs when you use GPMC to view a software restriction Group Policy setting in Windows 7 and in Windows Server 2008 R2: “An error has occurred while collecting data for Software Restriction Policies” http://support.microsoft.com/kb/981750
You cannot open an HTML GPO report that is created by the German version of Windows Server 2008 R2 or of Windows 7 http://support.microsoft.com/kb/981877
Tags: , , , , , ,
Category: News  |  9 Comments

AGPM Part 2: How to install the Advanced Group Policy Management (AGPM) Client v4

14/06/2010, 8:20 pm

This post is part of a series of posts about Advanced Group Policy Management. If you want to see the other post in this series you can use the links below:

  1. Introduction to Advanced Group Policy Management (a.k.a AGPM) v4
  2. How to install the Advanced Group Policy Management Client v4
  3. How to install the Advanced Group Policy Management (AGPM) Server v4
  4. How to configure the AGPM client via Group Policy to automatically connect to the AGPM server
  5. Delegating permission to Review/Edit GPO’s in AGPM
  6. How to create make changes to Group Policy Objects in AGPM
  7. How to makes changes to existing uncontrolled GPO’s in AGPM

Installing the AGPM Client

It is best you install the Microsoft Advance Group Policy Management Client on any computer in your organisation that has the the Group Policy Management Console (GPMC) installed. This ensures that all changes to group policy are properly managed using the Advanced Group Policy Management program.

Step 1. Start the Advanced Group Policy Management install program and run the “– Client install.” option.

Step 2. At Welcome dialog box, click Next.

image

Step 3. Tick I accept the license terms and click Next

image

Step 4. Confirm the install patch and click Next

image

Step 5. Type the IP or DNS Name of the AGPM server and click Next

image

Step 6. Leave all the languages selected and click Next

image

Step 7. Click Install

image

Step 7a. Optional – Click on the Details button to see the components that will be installed.

image

Wait

image

Step 8. Click Finish to exit the Setup Wizard.

image

NEXT > How to configure the AGPM client via Group Policy to automatically connect to the AGPM server

Tags: , , ,
Category: Tutorials  |  8 Comments

Group Policy Hotfix Round Up – 22/4/2010 to 28/4/2010

29/04/2010, 9:08 pm

Just a single new hot fix has come out this week that affects group policy…

981704 The file name of an ADM file is displayed incorrectly in the GPMC report in Windows Vista or in Windows Server 2008

This hotfix resolves a problem with a GPO report in the Group Policy Management Console showing as “Extra Registry Settings” if you have imported a ADM file and then moved it to another location. For more info see http://support.microsoft.com/kb/981704

Tags: , , , ,
Category: News  |  2 Comments
« Previous Entries
Next Entries »