Scribd
Upload
20 views13 pages

Active Directory GPO Configuration Guide

This document outlines the configuration of Group Policy Objects (GPOs) to manage users and computers on a domain. It includes two projects - the first to configure password policies using a GPO linked to an OU, and the second to configure audit policies using another GPO linked to the Domain Controllers OU. Screenshots are provided to demonstrate the creation of the GPOs, linking them to OUs, configuring specific policies within each GPO, and evidence that the policies were applied and events logged. Questions from the lab manual are also answered regarding how GPOs can affect domain accounts and the purpose of the account lockout reset setting.

Uploaded by

avtar_singh450
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
20 views13 pages

Active Directory GPO Configuration Guide

This document outlines the configuration of Group Policy Objects (GPOs) to manage users and computers on a domain. It includes two projects - the first to configure password policies using a GPO linked to an OU, and the second to configure audit policies using another GPO linked to the Domain Controllers OU. Screenshots are provided to demonstrate the creation of the GPOs, linking them to OUs, configuring specific policies within each GPO, and evidence that the policies were applied and events logged. Questions from the lab manual are also answered regarding how GPOs can affect domain accounts and the purpose of the account lockout reset setting.

Uploaded by

avtar_singh450
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Name:____Aryan_Soi__________________

COMP2017 Server Administration


Unit #8: Managing Users and Computers with GPO
Objectives
Configure Account Policies
Configure Audit Policies
Enable Disk Quotas

Requirements
Active Directory Installed on the odd numbers computer
The second server installed as a member server.
Configuration Summary
Textbook Reference

Role

Domain

RWDCxx (Odd-numbered computers)

Domain Controller (DC)

[Link]

RWDCyy (Even-numbered computers)

Member Server

[Link]

SCDCxx (Server Core Installation)


Domain Controller (DC)
NOTE: RWDCzz Means perform these steps on the parent and child

[Link]

Procedure
Complete Project 8-1, as described.
Include a screenshot after part A step 6

The following screenshots are related to project 8.1-Part-A. At first I am logged on as


default Administrator on my domain controller with domain [Link].

I have created an OU named as Marketing:

A GPO named as PwdPoll was created and linked to the OU Marketing and Password
Policy Minimum Password Length was defined.

Supply Answer to question 1, 2 in lab manual on page 138.


Include screen shot after part B step 1
Answer question 5, 6 on page 139.

The following screenshot(relevant to project 8.1-Part-B) clearly illustrates setting of


Account Lockout Threshold policy in the PwdPoll GPO linked to the OU Marketing in my
domain [Link].

Complete Project 8-2, as described.


Include a screenshot demonstrating the configured audit policies and event
created.

The following screenshot relevant to Project-8.2 illustrates logged on as user


Administrator and I have also created a folder called ConfidentialFiles in the C-drive root:

I am selected Everyone group in my domain [Link].

The following screenshot clearly indicates configuration of type of Auditing for the folder
ConfidentialFiles:

A GPO called Audit1 was created and linked to the OU Domain Controllers in domain
[Link] and in this GPO, the Audit Policy Audit Object Access was configured as shown
below:

To test the configured audit policies, users Lab8User1 and Lab8User2 were created and I
logged on with these users in my domain controller with domain [Link] and I accessed
the files in the folder ConfidentialFiles in the C-drive root. The following screenshots
illustrates the events created:

******************************
Review Questions
1) When you create a GPO to implement a new password policy, where must you link the
GPO to have the policy affect Active Directory domain accounts?
Ans: By creating and linking a GPO to implement a new password policy at

the domain-level, all Active Directory domain accounts will be affected. All
OUs that do not have the Block Inheritance setting enabled will inherit the
new password policy as well.
2) What does the Reset Account Lockout Counter After setting do?
Ans. The Reset Account Lockout Counter After setting resets the counter which
has locked the user account after certain number of failed logon attempts. The
reset is done after the number of minutes (as defined in this setting) elapsed.

Evaluation (10 Marks)


Completion of Projects
Questions

8M
2M

You might also like