Questions tagged [group-policy]

Group Policy is a built-in feature of the Microsoft Windows operating systems. Group Policy allows administrators to automatically configure myriad options within the OS. These policies can be configured, and applied, either locally to the computer via Local Group Policy or remotely within an Active Directory environment.

Microsoft has added Group Policy Preferences Client Side Extensions, formerly a third-party tool called PolicyMaker, to its in-support Windows OSes. The CSEs greatly extend the number features which can be configured via Group Policy.

See the following links for more details.

http://gpsearch.azurewebsites.net - Searchable list of configurable group policies http://blogs.technet.com/grouppolicy - Microsoft’s official Group Policy blog http://blogs.technet.com/askds - Ask Directory Services is the official blog from Microsoft engineers supporting group policy and other related AD technologies

3186 questions

votes

2 answers

Windows 2008 R2 gpupdate locks my user account

I built a Windows 2008 R2 server last year, and ever since my elevated account locks 10-12 times a day. After much research and testing I found that the server is locking my account at each failed attempt to update Group Policy (about every 90…

windows-server-2008-r2 group-policy active-directory

asked Mar 05 '14 at 18:48

Windows Server Ops

votes

1 answer

Disable Server Manager from startup for Remote Desktop users with GPO for no MMC

I have a GPO that restricts MMC creation. When users who this GPO applies to login they are greeted with "MMC could not create the snap-in." I understand there is normally a checkbox that prevents Server Manager from coming up but of course I cannot…

windows-server-2008-r2 group-policy windows

asked Nov 26 '13 at 08:06

tacos_tacos_tacos

3,250
18
63
100

votes

6 answers

What are the popular (free?) options for application deployment?

I manage a small school network with about 150 machines. I am looking for an easy way to deploy software to all the machines without having to visit each one. I've used Symantec Ghost to get the machines all set up identically, but for one…

windows windows-server-2003 group-policy deployment application

asked Aug 12 '09 at 12:49

Philip

votes

6 answers

How can I export all group policies to a easily-parseable format?

I need to dump all the Group Policies within Active Directory to review offline at a later date. Is there a way I can easily export all the Group Policies to text or some other easily-parseable format? Edit: Will these tools work from a computer…

active-directory group-policy export text

asked Jul 24 '09 at 15:14

romandas

3,302
8
39
44

votes

8 answers

Locked myself out of Group Policy Editor

I set 'only allow certain applications' restrictions and accidentally applied them across the board to all accounts. Now I'm restricted to only running a browser and can't run the group policy editor! Is there a backdoor I can make use of?

windows-7 group-policy

asked Apr 17 '12 at 22:48

Darren

votes

5 answers

GPO to Disable Screensaver only when connected via RDP

Is there a GPO option to disable the idle-time screensaver for RDP connections, but keep the idle-time screensaver options for interactive logins? Edit: All users are TS users as well a local so they are in the same OU. We need the screensaver…

windows-7 group-policy remote-desktop-services windows

asked Mar 27 '12 at 00:37

Matthew Halliday

votes

2 answers

Where Do I Find The Update URL For Google Chrome Extensions?

I'm trying to setup group policy for Google Chrome (http://support.google.com/installer/bin/answer.py?hl=en&answer=146164) particularily I'm working on setting up the Configuring the list of force-installed extensions. I can find the extension ID by…

group-policy google-chrome

asked Jan 28 '12 at 20:09

Mike Hagstrom

votes

2 answers

AD: What is the difference between local, global and universal groups?

What is the basic difference between local, global and universal groups in Active Directory? What is the best practice when assigning users and groups to these groups?

active-directory group-policy

asked Jul 27 '10 at 09:40

atricapilla

votes

3 answers

How is software deployed via Active Directory?

What are the steps required for deploying a software package via Active Directory / GPO?

active-directory deployment group-policy

asked May 27 '09 at 16:52

squillman

37,883
12
92
146

votes

4 answers

Windows 2003 GPO Software Restrictions

We're running a Terminal Server farm in a Windows 2003 Domain, and I found a problem with the Software Restrictions GPO settings that are being applied to our TS servers. Here are the details of our configuration and the problem: All of our servers…

windows windows-server-2003 group-policy

asked Feb 14 '10 at 14:14

joeqwerty

109,901
6
81
172

votes

4 answers

Registry key location for software deployed via Group Policy?

I need to trigger a particular GPO-deployed application to reinstall. In the past I've just deleted a certain registry key that tells Windows: "this application has been installed". But I can't for the life of me remember where those keys are…

windows group-policy

asked Feb 10 '10 at 23:36

Boden

4,968
12
49
70

votes

2 answers

GPO Installs - Differentiating between 64 and 32 bit systems

What is the easiest way to use group policies to install the 64 bit version of a package on 64bit systems and the 32bit package on 32 bit systems. I have done some searching and I am not seeing anything useful about how to use group policies in an…

windows installation group-policy 64-bit 32-bit

asked Nov 23 '09 at 05:19

Zoredache

130,897
41
276
420

votes

7 answers

How do I remove a group policy without access to the domain (controller)?

I've got a (WS2012-R2) domain controller and a set of (WS2012-R2) servers that are member of the domain. I accidentally added a group all administrators are member of to the Group Policy "Deny logon access locally", "Deny logon as service", "Deny…

active-directory group-policy windows-server-2012-r2

asked Aug 03 '16 at 18:37

shagrinar

votes

2 answers

How to bypass GPO loopback processing for some users?

As you probably know, loopback processing is a feature of Active Directory Group Policies which applies user settings in a GPO to any user who logs on to computers in the GPO's scope (whereas the standard behavior would be to apply user settings…

active-directory group-policy

asked Jun 30 '16 at 18:05

Massimo

70,200
57
200
323

votes

2 answers

What does 'Log on as a Service' actually mean?

I am building Group Policy for a new domain that we are migrating to. In our current environment the settings Log on as a Service is set at the Server OU level - which has about a hundred Service Accounts in that field for having access to this…

windows security group-policy

asked Apr 18 '16 at 02:03

The Woo

Prev 1 2 3

…

99 100 Next