DOCSLIB.ORG

System Policies to Group Policies: Issues, Improvements, and Best Practices, Part 2

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
System Policies to Group Policies: Issues, Improvements, and Best Practices, Part 2 84-02-07 DATA SECURITY MANAGEMENT SYSTEM POLICIES TO GROUP POLICIES: ISSUES, IMPROVEMENTS, AND BEST PRACTICES, PART 2 Melissa Yon INSIDE Dealing with Existing NT4 System Policies; Comparing System Policy to Group Policy; Windows 2000 Clients Without Active Directory, or Active Directory with Downlevel Clients; Group Policy Best Practices INTRODUCTION Part 1 (84-02-06) of this article series discussed the planning and designing of group policies. The goal was to make you aware of Group Policies, how to configure Group Policies, and how to link Group Policies to sites, domains, or organizational units (OUs) so they will be processed. This ar- ticle is a continuation of Part 1 (84-02-06) but addresses issues with clients who already process System Policies, applying a security policy to down- level clients, and best practices when enabling Group Policies on Win- dows 2000 Active Directory. DEALING WITH EXISTING NT4 SYSTEM POLICIES PAYOFF IDEA NT4 System Policies are the precursor If one’s company has never used System Policies, to Windows 2000 Group Policies. In then one is starting with a clean slate. However, if NT4, there are greater than 70 differ- implementing System Policies, there may be sev- eral things in the registry that no longer need to be ent settings through System Policy to a there. You will need to evaluate your environment machine, user, or a NT group of users. and decide if you want to implement Group Poli- While this addition to Windows is a cies over the System Policies, or if you need a very big step in the right direction, it clean install of the operating system before ap- plying Group Policies. When working with Group had many limitations. First, the System Policies, keep all of the best practices in mind. Policies are saved in a .POL file. This Think about Group Policy design while designing file must be in the NETLOGON direc- the Active Directory. The easiest Group Policy de- tory on the Domain Controller that au- sign is the design that follows the organizational unit structure. 08/01 Auerbach Publications © 2001 CRC Press LLC thenticated the users. If the file does not exist on the machine that authenticated the user, then the System Policy is not applied. To ensure that System Policies are available on all Domain Controllers, administrators typically set up the File Replication Service in NT4. They then configure it so that the NETLOGON directory replicates to receive the latest System Policies. This works well, provided the file replication ser- vice works correctly, which it did not always do in the past. Once the System Policies reside on all Domain Controllers, the System Policies for the machines and users will be processed when the machine and users are authenticated. The machine policy loads at boot-up and the System Policy for the user or any groups the user is a member of processes at logon. As the System Policy processes, the registry is tattooed. This means that the registry settings are changed based on the System Policy for the machine and the user. The machine System Policies are set under HKEY_LOCAL_MACHINE and the user System Policies are set under HKEY_CURRENT_USER. The System Policies change the actual registry keys. The registry is tattooed because if the System Policy is deleted, it will not remove the settings from the machine’s registry. If one wants to reset the client’s registry, one needs to reconfigure the System Policy to the set- tings needed. The client’s machine must be rebooted and the user needs to log in for the change to take place in the client’s registry. COMPARING SYSTEM POLICY TO GROUP POLICY Many of the settings found in System Policies are also in Windows 2000 Group Policies. The interface to configure the policy, however, is differ- ent. System Policies are edited using the Sysedit tool from Windows NT4 (see Exhibit 1). Group Policies are edited by using the Group Policy tool in the Microsoft Management Console. System Policies (Exhibit 2) has more than 70 configurable settings, while Group Policy (Exhibit 3) has more than 680 configurable settings. System Policies are applied to machines, users, and groups of users. Group Policy, however, is applied at the site, domain, and OU levels. To EXHIBIT 1 — System Policy Editor in Windows NT 08/01 Auerbach Publications © 2001 CRC Press LLC EXHIBIT 2 — Systems Policies Has More Than 70 Configurable Settings apply to only certain users or machines in a site, domain, or OU, one must filter the Group Policy. Because Group Policies are applied differently, one cannot upgrade the NT4 System Policies to Windows 2000 Group Pol- icies; one must configure Windows 2000 Group Policies using the Group Policy Tool. Unlike System Policies, Group Policies do not tattoo the registry. If the Group Policy is unlinked or deleted, the machine’s registry removes all the settings that were added to the registry by that Group Policy. System Poli- cies are unable to do this because System Policies write directly to the reg- istry under the specific key. Group Policies write to a specific key in the registry designed for Group Policies. It is located in: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\Group Policy and 08/01 Auerbach Publications © 2001 CRC Press LLC EXHIBIT 3 — Group Policy Has More Than 680 Configurable Settings HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Group Policy Settings configured under these keys win over any other registry keys. This means if the user sets the background and Group Policy specifies the background under: HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Group Policy then the background under: 08/01 Auerbach Publications © 2001 CRC Press LLC HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Group Policy takes precedence. If using System Policies to specify the background, the background would write to the same registry key whether the user or System Policies set it. There is no way, by just looking at the registry, to determine if the user or if System Policies set the setting. WINDOWS 2000 CLIENTS WITHOUT ACTIVE DIRECTORY, OR ACTIVE DIRECTORY WITH DOWN-LEVEL CLIENTS Unfortunately, one must have a Windows 2000 client that authenticates to Active Directory to use Group Policy. Therefore, if one has Windows 2000 Active Directory installed but the client is a Windows 98 or Windows NT4 workstation, or if one has a Windows 2000 client that authenticates to a Windows NT4 domain, one must use System Polices. One needs the Sys- edit tool from the Windows NT4 Server to configure the System Polices. The System Policies will perform as explained above. Remember: System Policies tattoo the registry. To return the registry to its default state, set all System Policies to NOT CONFIGURED. The next time the machine is re- booted and the user logs on, the policy will be refreshed. GROUP POLICY BEST PRACTICES 1. Communicate One of the most important best practices when implementing Group Pol- icies is to communicate. Users tend to believe that their personal computer on their desk is just that, their computer. When an administrator attempts to lock down that machine, users feel the company is trying to infringe on their property. It is important from the beginning to communicate the rea- son for Group Policies. The reasons could be: • Group Policies will enable the company to run more efficiently. • There will be X less number of workstation visits. • There will be X less number of help desk calls. • Users will have X more time to do work because the workstation will not need to be serviced as often. 2. Consider the Group Policies Needed When Designing the Active Directory Structure Because Group Policies are applied to site, domain, and OU levels, it is important to design the site, domain, and OU by the way Group Policy needs to be applied. For example, there may be different Group Policies for different departments. There may be different Group Policies for dif- 08/01 Auerbach Publications © 2001 CRC Press LLC ferent types of users in those departments, such as User and Expert. The design could be either of the ones in Exhibit 4. 3. Use Descriptive Group Policy Names Create a naming scheme for the Group Policies. There should be a de- scriptive name for each Group Policy created, so that one knows the con- figuration of the Group Policy without having to traverse the Group Policy tree. Creating a New Group Policy with a Descriptive Name: 1. Click Start>Run. 2. Type mmc. 3. Press Enter. 4. Click Console>Add/Remove Snap-In. 5. Click Add. 6. Click AD Users and Computers. 7. Click OK. 8. Click Finish. 9. Click Close. 10. Expand the AD Users and Computers Snap-in. 11. Right-click the Domain or OU you are linking the GPO to. 12. Click Properties. 13. Click the Group Policy tab. 14. Click New. 15. Enter the New Group Policy Name. 16. Press Enter. 17. Click Edit to Configure the Group Policy. Changing the Group Policy Name: 18. Click Start>Run. 19. Type mmc. 20. Press Enter. 21. Click Console>Add/Remove Snap-in. 22. Click Add. 23. Click AD Users and Computers. 24. Click OK. 25. Click Finish. 26. Click Close. 27. Expand the AD Users and Computers Snap-in. 28. Right-click the Domain or OU you are linking the GPO to. 29. Click Properties. 30. Click the Group Policy Tab. 08/01 Auerbach Publications © 2001 CRC Press LLC EXHIBIT 4 — Group Policies for Different Departments and for Different Types of Users 08/01 Auerbach Publications © 2001 CRC Press LLC EXHIBIT 5 — Naming the Group Policy 31. Click twice slowly on the existing Group Policy. 32. Enter the New Group Policy Name.
Load more

Recommended publications
  • Microsoft Windows 95 Reviewer’S Guide
    1 CHAPTER 10 Systems Management Windows 95 is the first version of Windows expressly designed for manageability. The design ensures that management of the Windows 95 PC is accessible both locally and remotely via a privileged network manager. Network security is used to determine administrator-privileged accounts using pass-through security. Windows 95 also provides for PC users to be logically separated from the underlying configuration of their PCs so that the PC and user configurations and privileges can be managed independently. As a result, network managers can allow users to “rove” on the network—that is, log on from virtually any PC on the network and then operate from a desktop that has the correct settings and network privileges. The logical separation also means that a single PC can be shared by multiple users, each with a different desktop configuration and different network privileges. Given the proliferation of PCs connected to corporate networks, the Windows 95 PC must be able to participate in any network-wide management schemes. Windows 95 is designed to meet various network management criteria by providing built-in support for several of the key network management standards. With this infrastructure built into Windows 95, network management applications will be able to provide tools for network managers to keep PCs and networks running more efficiently and cost effectively. Open management interfaces are key to the management implementation in Windows 95. Where a standard exists, Windows 95 implements an enabling technology to embrace the standard—for example, an SNMP agent is supplied to enable remote management of Windows 95 PCs via any number of third-party SNMP consoles.
    [Show full text]
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
    [Show full text]
  • Software Deployment by GPO the Next Area to Look at Is Software Deployment Gpos
    MCITP 70-622 Exam Cram: Supporting and Troubleshooting Applications on a Associate Publisher Windows Vista® Client for Enterprise Support Technicians David Dusthimer Copyright © 2008 by Que Publishing All rights reserved. No part of this book shall be reproduced, stored in a retrieval sys- Executive Editor tem, or transmitted by any means, electronic, mechanical, photocopying, recording, or Betsy Brown otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every Development Editor precaution has been taken in the preparation of this book, the publisher and authors Box Twelve assume no responsibility for errors or omissions. Nor is any liability assumed for dam- Communications, Inc. ages resulting from the use of the information contained herein. ISBN-13: 978-0-7897-3719-9 Technical Editors ISBN-10: 0-7897-3719-1 Chris Crayton Pawan Bhardwaj Library of Congress Cataloging-in-Publication Data Mancuso, Paul. Managing Editor MCITP 70-622 exam cram / Paul Mancuso, David Miller. Patrick Kanouse p. cm. Project Editor ISBN 978-0-7897-3719-9 (pbk. w/cd) Seth Kerney 1. Electronic data processing personnel—Certification. 2. Microsoft software— Examinations—Study guides. 3. Microsoft Windows (Computer file) I. Miller, David. Copy Editor II. Title. Chuck Hutchinson QA76.3.M3245 2008 005.4’46—dc22 Indexer 2008016537 WordWise Printed in the United States of America Publishing, Inc. First Printing: May 2008 Trademarks Proofreader All terms mentioned in this book that are known to be trademarks or service marks Kathy Ruiz have been appropriately capitalized. Que Publishing cannot attest to the accuracy of this information.
    [Show full text]
  • Windows Server 2008 and Windows Vista Ebook
    ● ● ● ● ● ● ● ● ● ● ● How to access your CD files The print edition of this book includes a CD. To access the CD files, go to http://aka.ms/625143/files, and look for the Downloads tab. Note: Use a desktop web browser, as files may not be accessible from all ereader devices. Questions? Please contact: [email protected] Microsoft Press PUBLISHED BY Microsoft Press A Division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2008 by Derek Melber All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Library of Congress Control Number: 2008920568 Printed and bound in the United States of America. 1 2 3 4 5 6 7 8 9 QWT 3 2 1 0 9 8 Distributed in Canada by H.B. Fenn and Company Ltd. A CIP catalogue record for this book is available from the British Library. Microsoft Press books are available through booksellers and distributors worldwide. For further infor- mation about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/mspress. Send comments to [email protected]. Microsoft, Microsoft Press, Active Desktop, Active Directory, ActiveX, BitLocker, Excel, FrontPage, HotStart, InfoPath, Internet Explorer, NetMeeting, OneNote, Outlook, PowerPoint, SideShow, Visio, Visual Basic, Visual Studio, Windows, Windows Live, Windows Media, Windows NT, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
    [Show full text]
  • Server Operating System
    Server Operating System ® White Paper Guide to Microsoft® Windows NT® 4.0 Profiles and Policies © 1997 Microsoft Corporation. All rights reserved. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. Microsoft, the BackOffice logo, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other product or company names mentioned herein may be the trademarks of their respective owners. Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA 0997 Abstract This guide provides information and procedures for implementing Microsoft® Windows NT® 4.0 Profiles and Policies on client workstations and servers. A Microsoft Windows NT 4.0 User Profile describes the Windows NT configuration for a specific user, including the user’s environment and preference settings. A System Policy is a set of registry settings that together define the computer resources available to a group of users or an individual. With the addition of System Policies and the new User Profile structure to Windows NT 4.0, network administrators have a greater ability to control the user environment than they have ever had before. This document provides the details that administrators need to know to implement a rollout of User Profiles and System Policies under Windows NT 4.0.
    [Show full text]
  • Your Complete Guide to Configuring a Secure Windows 2000 Network
    181_HPnew_FC 9/20/01 11:51 AM Page 1 1 YEAR UPGRADE BUYER PROTECTION PLAN ™ www.sharexxx.net - free books & magazines Your Complete Guide to Configuring a Secure Windows 2000 Network • Complete Coverage of Internet Information Services (IIS) 5.0 • Hundreds of Configuring & Implementing, Designing & Planning Sidebars, Security Alerts, and FAQs • Complete Coverage of Kerberos, Distributed Security Services, and Public Key Infrastructure Chad Todd Norris L. Johnson, Jr. Technical Editor From the authors of the bestselling HACK PROOFING™ YOUR NETWORK 181_SerSec2e_FM 9/20/01 1:07 PM Page i [email protected] With more than 1,500,000 copies of our MCSE, MCSD, CompTIA, and Cisco study guides in print, we continue to look for ways we can better serve the information needs of our readers. One way we do that is by listening. Readers like yourself have been telling us they want an Internet-based ser- vice that would extend and enhance the value of our books. Based on reader feedback and our own strategic plan, we have created a Web site that we hope will exceed your expectations. [email protected] is an interactive treasure trove of useful infor- mation focusing on our book topics and related technologies. The site offers the following features: I One-year warranty against content obsolescence due to vendor product upgrades. You can access online updates for any affected chapters. I “Ask the Author”™ customer query forms that enable you to post questions to our authors and editors. I Exclusive monthly mailings in which our experts provide answers to reader queries and clear explanations of complex material.
    [Show full text]
  • Mastering Windows XP Registry
    Mastering Windows XP Registry Peter Hipson Associate Publisher: Joel Fugazzotto Acquisitions and Developmental Editor: Ellen L. Dendy Editor: Anamary Ehlen Production Editor: Elizabeth Campbell Technical Editor: Donald Fuller Electronic Publishing Specialist: Maureen Forys, Happenstance Type-O-Rama Proofreaders: Nanette Duffy, Emily Hsuan, Laurie O'Connell, Yariv Rabinovitch, Nancy Riddiough Book Designer: Maureen Forys, Happenstance Type-O-Rama Indexer: Ted Laux Cover Designer: Design Site Cover Illustrator: Sergie Loobkoff Copyright © 2002 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. The author(s) created reusable code in this publication expressly for reuse by readers. Sybex grants readers limited permission to reuse the code found in this publication or its accompanying CD-ROM so long as the author is attributed in any application containing the reusable code and the code itself is never distributed, posted online by electronic transmission, sold, or commercially exploited as a stand-alone product. Aside from this specific exception concerning reusable code, no part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher. First edition copyright © 2000 SYBEX Inc. Library of Congress Card Number: 2002100057 ISBN: 0-7821-2987-0 SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries. Mastering is a trademark of SYBEX Inc. Screen reproductions produced with FullShot 99. FullShot 99 © 1991-1999 Inbit Incorporated. All rights reserved.FullShot is a trademark of Inbit Incorporated.
    [Show full text]
  • A Records, 244–245, 279 -A Switch in Nbtstat, 190 in Netstat, 186 AAS Deployment Package, 710 .Aas Extension, 712 Abstract
    22_InsideWin_Index 13/3/03 9:50 AM Page 1269 Index A A records, 244–245, 279 ACEs (Access Control Entries) -a switch access masks in, 568–570 in Nbtstat, 190 command-line tools for, 572–576 in Netstat, 186 for cumulative permissions, 577 AAS deployment package, 710 for deny permissions, 578 .aas extension, 712 inheritance in, 579–580, 725–728 Abstract classes, 299–300 object ownership in, 572 Accelerated Graphics Port (AGP) adapters, 164 viewing and modifying, 570–571 Access Control Entries. See ACEs (Access ACKs in DHCP, 101–102 Control Entries) ACL Editor, 570, 723 Access control lists (ACLs) Advanced view in Active Directory security, 732–734 for inheritance, 578, 581 objects in, 339 for ownership, 572 in security descriptors, 559 for special permissions, 723–724 Access Control Settings window, 728 Edit view, 725–726 Access masks for permissions inheritance, 578 in ACEs, 568–570 blocking, 579 in DSOs, 733 settings for, 581 Access requests in Kerberos, 621 viewings, 582 Access rights. See also Permissions ACLs (access control lists) in Active Directory security in Active Directory security, 732–734 delegation, 729–732 objects in, 339 types of, 724–725 in security descriptors, 559 for group policies, 682 ACPI (Advanced Configuration and Power Access tokens Interface) contents of, 560–561 compatibility of, 23–28, 148–149 local, 559 kernel version for, 135 SIDs in, 559, 561, 581 for PnP,17, 147–149 ACCM (Asynchronous-Control- ACPIEnable option, 149 Character-Map), 1124 Activation Account domain upgrades, 496–498 in IA64, 130 BDC, 494–496 in installation, 49–50 PDC, 490–493 unattended setup scripts for, 95 Account lockout policies Active Directory, 238 in domain design, 429 bulk imports and exports in, 353–356 in password security, 593–594 DNS deployment in, 242–243 Account logons, auditing, 647 DNS integration in, 238–239 Account management, auditing, 511, 648 dynamic updates, 244–245 Accounts in domain migration.
    [Show full text]
  • Writing Custom ADM Files for System Policy Editor Page 1 of 4
    KB225087 - Writing Custom ADM Files for System Policy Editor Page 1 of 4 Knowledge Base Writing Custom ADM Files for System Policy Editor PSS ID Number: 225087 Article Last Modified on 6/24/2004 The information in this article applies to: Microsoft Windows NT Server 4.0 Terminal Server Edition Microsoft Windows 2000 Server Microsoft Windows 2000 Advanced Server Microsoft Windows NT Server 4.0 Microsoft Windows NT Server, Enterprise Edition 4.0 This article was previously published under Q225087 IMPORTANT : This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 Description of the Microsoft Windows Registry SUMMARY This article is a guide for writing custom ADM files for use with System Policy Editor. System Policy Editor's interface, comprised of all of the books, check boxes, and text boxes you see when you open a computer or user of group policy, is created with a template. The system policy template, or ADM file, is a simple program that instructs System Policy Editor what books, check boxes, and other input controls to present to the administrator. For more information about writing an ADM file for group policy, see the white paper ("Implementing Registry- Based Group Policy") at the following Microsoft Web site: http://www.microsoft.com/WINDOWS2000/techinfo/howitworks/management/rbppaper.asp MORE INFORMATION Templates Specify the Registry Change There are two default templates included when you install Windows NT.
    [Show full text]
  • Guide to Understanding the Group Policy.Pdf
    Step-by-Step Guide to Understanding the Group Policy Feature Set Page 1 of 17 Windows 2000 Server Step-by-Step Guide to Understanding the Group Policy Feature Set Operating System Abstract Group Policy is the central component of the Change and Configuration Management features of the Microsoft® Windows® 2000 operating system. Group Policy specifies settings for groups of users and of computers, including registry-based policy settings, security settings, software installation, scripts (computer startup and shutdown, and log on and log off), and folder redirection. This paper is a technical step-by-step guide of the capabilities of Group Policy. It is intended for IT managers, system administrators, and others who are interested in using Group Policy to manage users' desktop environments. Introduction This document is part of a set of step-by-step guides that introduce IT managers and system administrators to the features of the Windows 2000® operating system. This document presents a brief overview of Group Policy, and shows how to use the Group Policy snap-in to specify policy settings for groups of users and of computers. It includes information on: l Configuring the Group Policy snap-in. l Creating and managing Group Policy objects. l Setting options for registry-based policy, scripts, and loopback policy. l Using security groups with Group Policy. l Linking multiple Group Policy Objects. l Blocking and enforcing Group Policy. Group Policy and the Active Directory In Windows 2000, administrators use Group Policy to enhance and control users' desktops. To simplify the process, administrators can create a specific desktop configuration that is applied to groups of users and computers.
    [Show full text]
  • Windows Powertoys FAQ
    Windows PowerToys FAQ Home > Articles > Here Windows PowerToys FAQ for Windows 95, 98, ME, 2000 & XP Version 9.0, Updated August 5, 2005 Hold mouse here for list of most recent changes. Receive notice whenever this page is updated. What are the Windows PowerToys? Original Windows PowerToys The original Windows PowerToys are extra goodies that simply should have been part of Windows 95 at the beginning. The designers of the Windows 95 shell wrote them for their own use initially, and later were permitted to post them as free, unsupported add-ons (which work very well despite the official “unsupported” stance). For several years, I have thought of them simply as indispensable parts of a standard Windows install. Mostly, these original PowerToys work very well not only in Windows 95, but also in Windows 98, Windows Millennium Edition (ME), and Windows XP. This FAQ explains which ones do and do not work in each of these versions of Windows. Windows XP PowerToys Microsoft has released an entirely new set of PowerToys custom created for Windows XP, including TweakUI 2.0 (which, in this FAQ, I’ll simply call “TweakUI XP”). This is the first new issue of a PowerToys set since Windows 95. With only a couple of exceptions, these tools do not at all duplicate the original Win95 PowerToys. This means that most of the original Win95 PowerToy set is also still very useful and desirable on Win XP in addition to the new XP PowerToys. Where can I get the Windows PowerToys? Original Windows PowerToys Here is the direct Microsoft link to the original PowerToys.
    [Show full text]
  • Scope of Work. Potential Vendor Should Provide Server / System
    PDCC DATABASE and SERVER/SYSTEM Facility Management Services(FMS) Scope Of Work. Potential Vendor should provide Server / System and Database Facility Management Services (FMS) at Banks Data Centre located at Head Office, 4B, B. J. Road, Pune – 411 001 & DR Center located at Baramati branch Office. Potential Vendor should provide Competent Technically skilled, experienced resources (DBA Certification Like Microsoft SQL 2008 R2 etc.. is must) responsible for Server/ System Management & Administration, Database Management & administration and other necessary & trouble shooting activities in order to execute the Banking business across Branches in coordination with Banks IT Department. Potential Vendor Working Hrs will be mandatorily to support in all the Three Shifts at Banks DC & DR offices primarily to make sure Banking Services are available 24*7*365 time Window under the RBI’s and other Compliance Authority working Guideline. However Potential Vendor and Bank can mutually decide the best suitable Shift timeline. The following are the list of services covered under Facility Management Services. Server / System Management and Administration Support - Server / System level Installation & Configuration Services, - Setting up and configuring servers and corresponding application as per configuration Industry best practices and guidelines. - Optimizing the System/ Server Resources to ensure Power Utilization, High availability and Maximize the Uptime of 99.0% during 24*7*365 Time Window. - Installation / re-installation of Windows or any other Operating System / OS utilities acquired by Bank course of FMS period. - Monitoring Operations, OS & Hardware Support - Seamless and smooth monitoring mechanism has to be created so that to keep servers stable, reliable and their operations efficient. Also User Management such as (User registration, User ID Creation, maintaining user profiles, granting user access, authorization, and user password support), H/w device management, Application/File System backup management, and support for print, file and directory services etc.
    [Show full text]