Technological Blog
Posts tagged Group Policy
Password Settings Object
Jan 18th
Posted by technoblogical in Active Directory
A PSO is a password policy that is available in a Microsoft Windows Server 2008 Domain Controller. It is more granular than Active Directory group policy because it is applied to a particular user or group. Group Policy Objects (GPO) sre applied to an entire organizational unit (OU). You may try to apply several PSOs to a person, but one will take precedence. The one with the lowest number will be the policy applied. To use the features in this video, you must promote your domain to a Server 2008 level.
audit object access part a
Dec 21st
Posted by technoblogical in Active Directory
audit object access part a
This is a video on how to audit object access on a Server 2008 domain controller (DC) and a client of the domain. I deny permission to a folder for a user and then view the record in the security log in event viewer. Remember that events are always recorded on the local machine. These type of events can be done on Microsoft Windows Server 2008, 2003, 2000, 7, XP, or Vista. They don’t require active directory. If you are in a workgroup you’ll need to set local group policy (GPO).
Name of auditing – server 2008 defaults
Audit Account Logon Events -successful and failed
Triggered anytime you log into the domain. If the computer or user authenticates to the DC it’s an account logon event.
Audit Logon events – successful and failed
Creates an event when you logon to a computer. You log into a domain, an event is recorded on the DC. You log in locally, the event is recorded on that machine. You access a folder, you authenticate to that machine and the event is recorded on that machine.
Audit Account Management – successful only
Audits events for creation, deletion, or modification of users, groups, computers, or passwords.
Audit Directory Service Account – successful only
Audits events specified on the security of objects in AD.
Audit Policy Change – successful only
Audits events that modify user rights.
Audit Privilege use – none
Not sure. Is this the Security setting in GPME? “audits the use of a privilege or user right.”
Audit System Events – sucess and failure
Audits success, failure, or changes that affect they system or security log.
Audit Process tracking – success
Audits events such as program activation and process exit
audit object access – success
Audits access to objects such as files, folders, registry keys, and printers that have their access control list (ACL) or security tab. Requires enable options on those items as well
update software through group policy
Nov 4th
Posted by technoblogical in Active Directory
update software through group policy
This is a video about how to update software through group policy. In the last video, I installed Firefox 3.0, in this video I upgrade to Firefox 3.5. I use a a Microsoft installer (MSI) package and a GPO (group policy object) in an active directory domain (requires domain controller) to do this. This operation may be performed on Server 2000, 2003, or 2008 and client operating systems of Windows 2000, XP, Vista, or 7. You may assign the program to specific users or computers so that it will be installed. You can also publish the software so that the user may decide to install the software.