Below is the list of Windows Server Group Policy Interview Questions Asked in Windows System Administrator / L1/l2/l3 Support Engineer Interviews.

Similar documents
ms-help://ms.technet.2004apr.1033/win2ksrv/tnoffline/prodtechnol/win2ksrv/howto/grpolwt.htm

COPYRIGHTED MATERIAL. Configuring, Deploying, and Troubleshooting Security Templates. Chapter MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Managing Group Policy application and infrastructure

Managing Group Policy application and infrastructure

Faculty of Engineering Computer Engineering Department Islamic University of Gaza Network Lab # 7 Permissions

Practical 23 Manage Desktop Configuration using group policy and remote installation services.

MCSA Guide to Administering Microsoft Windows Server 2012/R2, Exam Chapter 10 Managing Group Policies

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

M-FILES SETUP: ADVANCED USER'S GUIDE

Managing Windows Environments with Group Policy

Automating the Windows 2000 Installation

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

8 Administering Groups

Windows Server 2003 Network Administration Goals

Centrify Suite Group Policy Guide. Centrify Corporation. June 2013

Installation Guide. . All right reserved. For more information about Specops Password Policy and other Specops products, visit

User Guide. Important Message

5 MANAGING USER ACCOUNTS AND GROUPS

ALTIRIS Software State Management

Sharpdesk V3.3. Push Installation Guide for system administrator Version

Exclaimer Mail Archiver

Microsoft User Experience Virtualization Deployment Guide

EXAM Windows Server Administration Fundamentals. Buy Full Product.

Copyright 2017 Softerra, Ltd. All rights reserved

DATA SECURITY MANAGEMENT. Melissa Yon INSIDE

You need to make sure that branch office administrators are able to create and manage their own GPOs respectively.

Installing and Configuring VMware User Environment Manager

8 MANAGING SHARED FOLDERS & DATA

USER GUIDE. CTERA Agent for Windows. June 2016 Version 5.5

NTFS File and Folder Permissions. Windows Server Ins and Outs of NTFS permissions in Windows Server 2012.

Guide to Deploy the AXIGEN Outlook Connector via Active Directory

VMware Mirage Web Manager Guide

Citrix Connector Citrix Systems, Inc. All rights reserved. p.1. About this release. System requirements. Technical overview.

x CH03 2/26/04 1:24 PM Page

App Orchestration 2.0

Dell GPOADmin 5.7. About Dell GPOADmin 5.7. New features. Release Notes. December 2013

Installing and Configuring VMware User Environment Manager. VMware User Environment Manager 9.2

Immidio White Paper Migration to Windows 7 with Immidio Flex Profiles

Local Area Networks (LAN s)

Installation Manual. Fleet Maintenance Software. Version 6.4

Password Reset Utility. Configuration

Installation & Configuration Guide

7 Managing and Maintaining Group Policy

Installing and Configuring VMware User Environment Manager. VMware User Environment Manager 9.3

Understanding Modelpedia Authorization

Outlook and Outlook Web App. Sharing and Accessing Subfolders

ACE Operation Manual

Table Of Contents INTRODUCTION... 6 USER GUIDE Software Installation Installing MSI-based Applications for Users...9

Contents. Override Default Preferences Pre-Configure Preferences with Transform Files (.MST) Install MSI for current user...

Group Policy Interview Questions Answers Pdf File >>>CLICK HERE<<<

Barracuda Archive Search for Outlook Deployment for Windows Vista and Windows Server 2008

Microsoft Certified IT Professional Training Notes Windows Server 2008 Active Directory Exam Code

Table Of Contents INTRODUCTION Release Notes... 5 Contacting AdventNet... 6 TECHNOLOGY OVERVIEW... 8

White Paper. Deployment of ActiveX Controls via Microsoft Windows Active Directory. Fabasoft Folio 2016 Update Rollup 6

KASPERSKY LAB. Kaspersky Administration Kit version 6.0. Reference Book

ChromQuest 4.2 Chromatography Data System

Foxit PhantomPDF GPO User Guide

Autodesk DirectConnect 2010

Quest GPOADmin 5.6. User Guide

BackupVault Desktop & Laptop Edition. USER MANUAL For Microsoft Windows

IT Essentials v6.0 Windows 10 Software Labs

20411D D Enayat Meer

Group Policy Structure and Processing

Policy and the Windows Server 2003 Group Policy Management Console

Vendor: Microsoft. Exam Code: Exam Name: Pro: Windows 7, Enterprise Desktop Administrator. Version: Demo

Setting Access Controls on Files, Folders, Shares, and Other System Objects in Windows 2000

Exam Questions

Identity with Windows Server 2016 (742)

IBM Proventia Management SiteProtector Policies and Responses Configuration Guide

Laserfiche Security Training Manual

Force Uninstall Win7 7 Update Group Policy Remote Computer

Chapter. Accessing Files and Folders MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER

Networks: Access Management Windows NT Server Class Notes # 10 Administration October 24, 2003

Lasso Continuous Data Protection Lasso CDP Client Guide August 2005, Version Lasso CDP Client Guide Page 1 of All Rights Reserved.

Function. Description

Microsoft Windows Server Administration Fundamentals. Download Full Version :

Word 2010 Instruction Template Change Location Group Policy

Content Publisher User Guide

LepideAuditor. Installation and Configuration Guide

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

ArcGIS and ArcGIS Pro Enterprise Deployment. An Esri Technical Paper July 2015

d95f-41eb-addd- 5e6eff41b083

Microsoft Windows Server Administration Fundamentals.

Course CLD221x: Enabling Office 365 Clients

Exam: Title : Windows 2000 Pro. Ver :

De La Salle University Information Technology Center. Microsoft Windows SharePoint Services and SharePoint Portal Server 2003

Cisco TelePresence Management Suite Extension for Microsoft Exchange

VMware Mirage Web Management Guide

ArcGIS 10.5, ArcGIS Pro 1.4, and ArcGIS Earth 1.4 Enterprise Deployment. An Esri Technical Paper March 2017

Network Management Utility

Docusnap X - Windows Firewall Exceptions. Configuring Windows Firewall Exceptions for Docusnap

NETWRIX GROUP POLICY CHANGE REPORTER

Windows 2000 System Administration Handbook, 1/e

Installation Guide. . All right reserved. For more information about Specops Command and other Specops products, visit

Server based Networking & Security IS375 Group 5 Project. The purpose of this project is to put into practice what we learned in classroom.

Network installation guide. Version 3 27 th September 2016

Xcalibur Global Version Rev. 2 Administrator s Guide Document Version 1.0

User Guide. BlackBerry Workspaces for Windows. Version 5.5

8.0 Help for Community Managers About Jive for Google Docs...4. System Requirements & Best Practices... 5

DigitalPersona Pro Enterprise

Transcription:

Below is the list of Windows Server Group Policy Interview Questions Asked in Windows System Administrator / L1/l2/l3 Support Engineer Interviews. What is group policy in active directory? What are Group Policy objects (GPOs)? Group Policy objects, other than the local Group Policy object, are virtual objects. The policy setting information of a GPO is actually stored in two locations: the Group Policy container and the Group Policy template. The Group Policy container is an Active Directory container that stores GPO properties, including information on version, GPO status, and a list of components that have settings in the GPO. The Group Policy template is a folder structure within the file system that stores Administrative Template-based policies, security settings, script files, and information regarding applications that are available for Group Policy Software Installation. The Group Policy template is located in the system volume folder (Sysvol) in the \Policies subfolder for its domain. What is the order in which GPOs are applied? Group Policy settings are processed in the following order: 1.Local Group Policy object : Each computer has exactly one Group Policy object that is stored locally. This processes for both computer and user Group Policy processing. 2.Site : Any GPOs that have been linked to the site that the computer belongs to are processed next. Processing is in the order that is specified by the administrator, on the Linked Group Policy Objects tab for the site in Group Policy Management Console (GPMC). The GPO with the lowest link order is processed last, and therefore has the highest precedence. 3.Domain: Processing of multiple domain-linked GPOs is in the order specified by the administrator, on the Linked Group Policy Objects tab for the domain in GPMC. The GPO with the lowest link order is processed last, and therefore has the highest precedence. 4.Organizational units : GPOs that are linked to the organizational unit that is highest in the Active Directory hierarchy are processed first, then POs that are linked to its child organizational unit, and so on. Finally, the GPOs that are linked to the organizational unit that contains the user or computer are processed. At the level of each organizational unit in the Active Directory hierarchy, one, many, or no GPOs can be linked. If several GPOs are linked to an organizational unit, their processing is in the order that is specified by the administrator, on the Linked Group Policy Objects tab for the organizational unit in GPMC. The GPO with the lowest link order is processed last, and therefore has the highest precedence. This order means that the local GPO is processed first, and GPOs that are linked to the organizational unit of which the computer or user is a direct member are processed last, which overwrites settings in the earlier GPOs if there are conflicts. (If there are no conflicts, then the earlier and later settings are merely aggregated.)

How to backup/restore Group Policy objects? Begin the process by logging on to a Windows Server 2008 domain controller, and opening the Group Policy Management console. Now, navigate through the console tree to Group Policy Management Forest: Domains Group Policy Objects. When you do, the details pane should display all of the group policy objects that are associated with the domain. In Figure A there are only two group policy objects, but in a production environment you may have many more. The Group Policy Objects container stores all of the group policy objects for the domain. Now, right-click on the Group Policy Objects container, and choose the Back Up All command from the shortcut menu. When you do, Windows will open the Back Up Group Policy Object dialog box. As you can see in Figure B, this dialog box requires you to provide the path to which you want to store the backup files. You can either store the backups in a dedicated folder on a local drive, or you can place them in a folder on a mapped network drive. The dialog box also contains a Description field that you can use to provide a description of the backup that you are creating. You must provide the path to which you want to store your backup of the group policy objects. To initiate the backup process, just click the Back Up button. When the backup process completes, you should see a dialog box that tells you how many group policy objects were successfully backed up. Click OK to close the dialog box, and you re all done. When it comes to restoring a backup of any Group Policy Object, you have two options. The first option is to right-click on the Group Policy Object, and choose the Restore From Backup command from the shortcut menu. When you do this, Windows will remove all of the individual settings from the Group Policy Object, and then implement the settings found in the backup. Your other option is to right-click on the Group Policy Object you want to restore, and choose the Import Settings option. This option works more like a merge than a restore. Any settings that presently reside within the Group Policy Object are retained unless there is a contradictory settings within the file that is being imported. You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you do that? go to Start->programs->Administrative tools->active Directory Users and Computers Right Click on Domain->click on preoperties On New windows Click on Group Policy Select Default Policy->click on Edit on group Policy console go to User Configuration->Administrative Template->Start menu and Taskbar Select each property you want to modify and do the same What?s the difference between software publishing and assigning? Assign Users :The software application is advertised when the user logs on. It is installed

when the user clicks on the software application icon via the start menu, or accesses a file that has been associated with the software application. Assign Computers :The software application is advertised and installed when it is safe to do so, such as when the computer is next restarted. Publish to users : The software application does not appear on the start menu or desktop. This means the user may not know that the software is available. The software application is made available via the Add/Remove Programs option in control panel, or by clicking on a file that has been associated with the application. Published applications do not reinstall themselves in the event of accidental deletion, and it is not possible to publish to computers. What are administrative templates? Administrative Templates are a feature of Group Policy, a Microsoft technology for centralised management of machines and users in an Active Directory environment. Administrative Templates facilitate the management of registry-based policy. An ADM file is used to describe both the user interface presented to the Group Policy administrator and the registry keys that should be updated on the target machines. An ADM file is a text file with a specific syntax which describes both the interface and the registry values which will be changed if the policy is enabled or disabled. ADM files are consumed by the Group Policy Object Editor (GPEdit). Windows XP Service Pack 2 shipped with five ADM files (system.adm, inetres.adm, wmplayer.adm, conf.adm and wuau.adm). These are merged into a unified namespace in GPEdit and presented to the administrator under the Administrative Templates node (for both machine and user policy). Can I deploy non-msi software with GPO? create the fiile in.zap extension. Name some GPO settings in the computer and user parts? Group Policy Object (GPO) computer=computer Configuration, User=User ConfigurationName some GPO settings in the computer and user parts. A user claims he did not receive a GPO, yet his user and computer accounts are in the right OU, and everyone else there gets the GPO. What will you look for? make sure user not be member of loopback policy as in loopback policy it doesn t effect user settings only computer policy will applicable. if he is member of gpo filter grp or not? You may also want to check the computers event logs. If you find event ID 1085 then you may want to download the patch to fix this and reboot the computer. How can I override blocking of inheritance? What can I do to prevent inheritance from above? Name a few benefits of using GPMC. How frequently is the client policy refreshed? 90 minutes give or take.

Where is secedit? It s now gpupdate. What can be restricted on Windows Server 2003 that wasn t there in previous products? Group Policy in Windows Server 2003 determines a users right to modify network and dialup TCP/IP properties. Users may be selectively restricted from modifying their IP address and other network configuration parameters. You want to create a new group policy but do not wish to inherit. Make sure you check Block inheritance among the options when creating the policy. How does the Group Policy No Override and Block Inheritance work? Group Policies can be applied at multiple levels (Sites, domains, organizational Units) and multiple GP s for each level. Obviously it may be that some policy settings conflict hence the application order of Site Domain Organization Unit and within each layer you set order for all defined policies but you may want to force some polices to never be overridden (No Override) and you may want some containers to not inherit settings from a parent container (Block Inheritance). A good definition of each is as follows: No Override This prevents child containers from overriding policies set at higher levels Block Inheritance Stops containers inheriting policies from parent containers No Override takes precedence over Block Inheritance so if a child container has Block Inheritance set but on the parent a group policy has No Override set then it will get applied. Also the highest No Override takes precedence over lower No Override s set. To block inheritance perform the following: 1. Start the Active Directory Users and Computer snap-in (Start Programs Administrative Tools Active Directory Users and Computers) 2. Right click on the container you wish to stop inheriting settings from its parent and select 3. Select the Group Policy tab 4. Check the Block Policy inheritance option 5. Click Apply then OK To set a policy to never be overridden perform the following: 1. Start the Active Directory Users and Computer snap-in (Start - - Administrative Tools Active Directory Users and Computers) 2. Right click on the container you wish to set a Group Policy to not be overridden and select Properties 3. Select the Group Policy tab 4. Click Options

5. Check the No Override option 6. Click OK 7. Click Apply then OK Basic Windows System Administrator Interview Questions & Answers Q: - What s the difference between local, global and universal groups? Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains. Q: -I am trying to create a new universal user group. Why can t I? Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory. Q: -What is LSDOU? It s group policy inheritance model, where the policies are applied to Local machines, Sites, Domains and Organizational Units. Q: - Why doesn't LSDOU work under Windows NT? If the NTConfig.pol file exist, it has the highest priority among the numerous policies. Q: -Where are group policies stored? %SystemRoot%System32\GroupPolicy Q: -What is GPT and GPC? Group Policy Template and Group Policy Container. Q: - Where is GPT stored? %SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID Q: - You change the group policies, and now the computer and user settings are in conflict. Which one has the highest priority? The computer settings take priority. Q: - 10. What s contained in administrative template conf.adm? Microsoft NetMeeting policies

Q: -How can you restrict running certain applications on a machine? Via group policy, security settings for the group, then Software Restriction Policies. Q: -You need to automatically install an app, but MSI file is not available. What do you do? A.zap text file can be used to add applications using the Software Installer, rather than the Windows Installer. Q: - What s the difference between Software Installer and Windows Installer? The former has fewer privileges and will probably require user intervention. Plus, it uses.zap files. Q: -What can be restricted on Windows Server 2003 that wasn't there in previous products? Group Policy in Windows Server 2003 determines a users right to modify network and dial-up TCP/IP properties. Users may be selectively restricted from modifying their IP address and other network configuration parameters. Q: -How frequently is the client policy refreshed? 90 minutes give or take.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback