Scribd
Upload
8 views6 pages

Understanding Group Policy Management

The document provides an overview of Group Policy, detailing its centralized control over user and computer settings, software installations, and user experience. It explains the differences between local and global policies, the use of WMI filtering, and how to troubleshoot Group Policy issues. Additionally, it covers DHCP processes, common issues, and the benefits of Remote Desktop Services (RDS) for secure remote access.

Uploaded by

Prabhav Gupta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
8 views6 pages

Understanding Group Policy Management

The document provides an overview of Group Policy, detailing its centralized control over user and computer settings, software installations, and user experience. It explains the differences between local and global policies, the use of WMI filtering, and how to troubleshoot Group Policy issues. Additionally, it covers DHCP processes, common issues, and the benefits of Remote Desktop Services (RDS) for secure remote access.

Uploaded by

Prabhav Gupta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

1.

Group Policy

 It provides centralized control of users and computers settings

 It also controls over applications including the installation and removal of when
they are no longer use
 It controls user experience

GPO is divided In to two parts that is computer configurations and user


configurations

 Computer settings applied before user can login -- > Until this group policy
applies user wont be able to login
 Users settings applied when users login -- > The user will not given control of the
desktop until the group policies settings have been applied

Group policy Controls 

 Security settings
 Software installation
 Windows settings
 Network settings
 User interface (like disabling Control Panel or task manager)

🔹 Feature 🖥️Local Policy 🌐 Global (Domain) Policy

Where it applies One single computer Multiple computers in a domain

Managed by Local machine only Centralized via Active Directory

Tool used [Link] Group Policy Management Console (GPMC)

Used for Standalone systems or testing Organization-wide rules and security settings

Example Block USB only on one PC Apply password rules to all users in the domain

🧠 In Simple Terms:

 Local Policy = Rules for just one computer.


 Global Policy = Rules for many computers from a central server that is (Domain Controller).

 Open Group Policy Management Console (GPMC).

 Computer Configuration → Policies → Windows Settings → Security


Settings → Account Policies

What is gpupadte and gpupdate force ?

 gpupdate command updates the Group Policy settings on your computer. It checks
if there are any new changes and applies them.
 gpupdate /force command forces the computer to apply all Group Policy settings
again, even if they haven't changed, making sure everything is up to date

[Link] filtering :

WMI filtering in Group Policy is a way to apply policies only to specific computers,
based on their properties like operating system, RAM, CPU, or other system info

For example, if you only want a policy to apply to Windows 10 machines, you can create
a WMI filter that checks for that and only applies the policy to those computers.

WMI filters can slow down Group Policy processing, so use them only when needed.

[Link] are the particular logs check in group policy ?

✅ Summary

 Use Event Viewer > GroupPolicy > Operational for detailed policy logs.
 Use gpresult /h [Link] to see a summary report of applied policies.
 Check System logs for basic policy errors.
 Use Security logs on domain controllers for changes made to GPO

[Link] often does Group Policy apply by default?

 For computers: Every 90 to 120 minutes


 For users: Every 90 to 120 minutes
 (The extra time is random to avoid too much traffic)
 For domain controllers: Every 5 minutes

🔁 Group Policy also applies:

 When the computer starts


 When a user logs in
 When you run the command:
 gpupdate /force

1. If i create one group policy that is not applying to policy what we can do ?

 Check if the GPO is linked

 Make sure the GPO is linked to the correct OU, domain, or site.

 Check if the GPO is enabled

 Open the GPO and ensure it’s not disabled (both user and computer parts should
be enabled).

 Use gpresult or rsop to verify

gpresult /h [Link]

✅ Force update

 Run this on the PC:


gpupdate /force

Check Event Viewer

 Look for any errors related to Group Policy.

If Group Policy Is Not Working – Check These Logs

1. ✅ Event Viewer – Group Policy Logs


o On the problem computer:

Event Viewer → Applications and Services Logs → Microsoft → Windows →


GroupPolicy → Operational

o This shows errors if the policy failed to apply.


2. ✅ System Logs
o In Event Viewer, go to:

Windows Logs → System

oLook for messages like:


 1058 – GPO not found
 1030 – GPO can’t be read
3. ✅ Run gpresult
o Open Command Prompt (as admin) and type:

gpresult /h [Link]

o Open the file and check if your GPO is listed. It also tells you why it didn’t
apply.
4. ✅ Use [Link]

[Link]

What cisco wall folder do ?

I heard may be its shared folder made by IT team ,

this stores software setup , logs and reports

Block inheritance:-

If u don’t want to give permission to certain users then u can use this policy

DNS zones :-

>In this case , computer doesn’t understands human language that’s the reason we
creating DNS queries to better to use our sites
We have two types of zones here

>Forward and reverse

> when u have the host name that u wanna convert to ip address then u use the
forward zone

> when u have the ip address that u wanna convert hostname then u use the reverse
zones

DFS (Distributed file system )

 Distributed file system is a Microsoft technology that allows organization


to create a unified name space for a file and folder access across
multiple servers 1and locations

DHCP
 Discover: The device asks, "Who can give me an IP address?"

 Offer: The DHCP server says, "I have an IP address for you!"

 Request: The device replies, "I want that IP address!"

 Acknowledge: The server confirms, "You got the IP address, it's all yours!"

What is meant by the Dora Process?

DORA stands for Discover, Offer, Request, and Acknowledge. It’s how a computer gets an IP address in a
network that uses Active Directory

 Discover:A device (like your phone or computer) asks, "Is there a DHCP server that can give me an IP
address?"

 Offer:The DHCP server replies with an offer, saying, "Here’s an IP address you can use!"

 Request:The device responds, "I accept this IP address!"

 Acknowledge:The DHCP server confirms, "Great! You can use this IP address now."

Summary

So, DORA helps computers automatically get IP addresses so they can connect to the network easily
 Common issues within DHCP scopes can include:

Not Enough Addresses:


Devices Fighting for the Same Address:
Network Areas Mixing Up:
Incorrect Gateway or DNS Settings:
DHCP Server Unavailability:

 Remote Access: RDS allows users to remotely access their desktops,


applications, and files from any location with an internet connection.

 RDS supports virtual desktop infrastructure (VDI), allowing


organizations to deploy and manage virtual desktops for users. This
enables flexibility, scalability, and easier management of desktop
environments.

 >RDS provides secure remote access to desktops and applications,


helping organizations protect sensitive data

You might also like