OU
(Organizational
Unit)
OU is logical container of users and other objects or
it can be defined as department. Group is use to manage permissions and OU is
use to apply policies. We can apply policies on particular users department
wise or function wise. We can apply policy for OU but it will be inherit on the
users or groups of that particular OU. A
user cannot be member of more than one OU at a time.
Secondly, OU is use for delegate controls.
GPO (Group Policy Object) can be use for local computer
in the workgroup network, for the entire domain and for particular OU also.
To create OU :-
AD users and computers
-> Domain name -> Rt.
click -> New -> OU
To apply policy on OU :-
Program ->
Administrative tools -> Group
Policy Management (gpmc.msc) ->
Forest -> Domain
-> domain name(xyz.com)
-> OU -> Rt. click -> Create GPO -> Edit GPO -> Computer Configuration
Policies and User Configuration Policies
NOTE: Computer configuration policies are use for the
computers and User Configuration Policies are use for the users inside the OU.
Options in OU
:-
1. Create OU
2. Apply GPO on
OU
3. Inherit policy from parent to child OU
4. Block policy inheritance in child OU
5. Enforce GPO from parent OU
6. Disable GPO
7. Apply security permission on GPO
8. Filter option
9. Add link with the existing GPO
10.Delete link and Delete GPO
NOTE: RSOP (Resultant Set Of Policy) can be use to find
the existing policies.
RUN mmc -> File menu -> Add/Remove snap-in -> Select Resultant Set Of Policy -> Add
-> Ok -> Console
Root -> Generate RSOP Data -> Planning mode
No comments:
Post a Comment