Information Technology Reference
In-Depth Information
Restricted Groups
System Services
Registry
File System
Wired Network
Windows Firewall with Advanced Security
Network List Manager Policies
Wireless Networks
Network Access Protection
Application Control Policies
IP Security Policies
Advanced Audit Policy Configuration
Computer and User Sections of the GPO
Public Key Policies
Software Restriction Policy
Restricted Groups
The Restricted Groups settings allow you to control group membership by using a GPO.
The group membership I am referring to is the normal Active Directory groups (domain
local, global, and universal). The settings offer two configurable properties: Members and
Members Of.
The users on the Members list do not belong to the restricted group. The users on the
Members Of list do belong to the restricted group. When you configure a Restricted Group
policy, members of the restricted group that are not on the Members list are removed. Users
who are on the Members list who are not currently a member of the restricted group are added.
Software Restriction Policy
Software restriction policies allow administrators to identify software and to control its
ability to run on the user's local computer, organizational unit, domain, or site. This pre-
vents users from installing unauthorized software. Software Restriction Policy is discussed
in greater detail in this chapter in the “Implementing Software Deployment” section.
Group Policy Objects
So far, I have discussed what group policies are designed to do. Now it's time to drill down
to determine exactly how you can set up and configure them.
To make them easier to manage, group policies may be placed in items called Group
Policy objects (GPOs) . GPOs act as containers for the settings made within Group Policy
files, which simplifies the management of settings. For example, as a system administrator,
you might have different policies for users and computers in different departments. Based
 
Search WWH ::




Custom Search