Group Policy

Group Policy

In a nutshell, a Group Policy is a collection of settings, which determine how a unit of users/computers should behave.

The Two Types of Group Policies:

Administrators can use Group Policies to enforce a set of configuration settings to both the computer and the user. Through Group Policies, administrators can control a myriad of settings like Software Installation, Security Settings, Scripts, Internet Explorer maintenance, desktop settings and many more. There are two types of Group Policies. They are:

  • Local Group Policy and
  • Non-local Group Policy

Local Group Policy

Each computer running the windows line of operating system has exactly one local group policy. It is available only to the particular computer in which it resides and to users who log on to that computer. The local group policy objects reside in the %systemroot%\System32\Group Policy folder. It has only a subset of settings that are available in the non-local group policy.

Non-local Group policy

Each domain controller has one or more non-local group policies. They are available to all the machines and users in the Active Directory environment. A non-local group policy can be applied to all users and computers in a domain or to a particular OU depending on where the group policy is linked.

Need for Group Policies

As organizations seek to increase productivity and revenues through technology, they are also trying to minimize the complexity of managing a huge IT infrastructure. The following are some of the reasons that illustrate why group policies are a necessity:

Uniform User experience

Users are no longer confined to a single computer in their workplace. They use different computers for different tasks. So, all their files and folders along with their personalized settings such as taskbar location, wallpaper settings, desktop icons, etc., have to be made available in all the machines the user logs on to.

Security

Even with all the authentication protocols and authorization techniques involved in AD, a malicious user, can still gain access to network resources, if the attacker comes to know about a user’s password. So, it is very important to have a strong password setting for all the users in an organization. It is also important to record certain events like user logon, access to a particular folder, etc., for auditing purposes.

Organization wide Policies

Most organizations use wallpapers, screen savers, interactive logon messages, etc., in an effort to establish a standard among all its employees. Organizations also have Internet policies that all users in the organization should adhere to.

Cost and Time

Tasks like software installation consume a lot of time. Installing and updating software in all computers, for all users, will not only take time, but also affects productivity, as employees lack access to their computers when the installation is taking place.

Group Policies play a crucial role in ensuring that the employees of an organization can have a hassle free experience when it comes to using the IT resources to accomplish their tasks.

    • Related Articles

    • Group Policy Application Process

      When the policy application process has to retrieve Group Policy information to apply to the Group Policy client, it uses a pull approach. For instance, the Group Policy client polls the Group Policy server to look for new policy settings supplied by ...
    • Group Policy Objects

      Group Policy settings are stored in the form of Group Policy Objects (GPOs). GPOs can be created like any other active directory object and is linked to a Site, domain or OU in which the policy settings have to be applied. The GPO stores its ...
    • Group Policy Object

      Administrators frequently turn to group policy objects to control user accounts and user activity in an Active Directory environment. In this video, we deep-dive into GPO basics such as why group policies are needed, the components of group policies, ...
    • Group Policy Results

      It is always a good practice to know what policy settings are being applied to a user or computer, since GPO imposes a lot of restrictions and customizations on the user and computer. So, if something is amiss, a review of the policy settings will ...
    • Different Group Policy Settings

      Group Policy includes policy settings that affect both Users and Computers. The settings under Computer Configuration control how the computer is configured. The settings under User configuration control the user’s log on session. Settings configured ...