Edit Domain Group Policy



Main Page > Server Software > Windows > Windows Server 2012
  • The Group Policy Management Editor console opens. In the Group Policy Management Editor console, expand the following path: Computer Configuration, Policies, Administrative Templates: Policy definitions (ADMX files) retrieved from the local computer, Network, BranchCache. Click BranchCache, and then in the details pane, double-click.
  • Group policy can be accessed via the Group Policy Editor. To start the Group Policy Editor, follow the following steps. Log into the computer using an account that has administrator privileges. This is important. Using just a plain user account will not work well with the Group Policy Editor. Go to the Start menu.
  • Open Local Group Policy Editor in Start Menu Control Panel Open the Control Panel on the Start Menu. Click the Windows icon on the Toolbar, and then click the widget icon for Settings. Start typing ‘group policy’ or ‘gpedit’ and click the option to ‘Edit Group Policy.
  • In another File Explorer or Windows Explorer window, open the folder for your Group Policy templates, which is C:WindowsPolicyDefinitions. Drag and drop or copy and paste the msedge.admx.

In this article you will see and example of Group Policy and how it can help you with permission of managing multiple users simultaneously.

In the Group Policy Management Console tree, click Change Control in the forest and domain in which you want to manage GPOs. On the Contents tab in the details pane, click the Controlled tab. Right-click MyGPO, and then click Save as Template to create a template incorporating all settings currently in MyGPO.

Installation and Configuration of Windows Server 2012 Domain

If you are installing a 2012 Windows Server and have problems in setting up and configuring the Windows Server Active Directory Domain Services, please see the following linked article, which explains the steps accurately.

Creating and Managing a Group Policy

By using the Group Policy Management you can assign the various organizational units different group policies.

Using this simple example you can see how the group policy is created and managed.

In this example a folder named 'Technical Support' is created in the organizational unit 'Technical Support' automatically at the time of login.

The following set of screen shots will display the individual steps that need to be taken:

  • Right click on an organizational unit and then click 'Create and Link the Group Policy object' to create your group policy object.

  • You can enter any group policy object name here. When finished, click 'OK'.

  • Right click on the Group Policy Object and then click edit.

  • Right click on white space and then on Create New Folder.

  • Enter the path and name of the folder to create. IMPORTANT! To enter multiple users use the variable '%USERNAME%'. When finished click 'Apply'.

  • In the Policy Management Tool you can now control the GPOs created.

As soon as you login with the created user to the appropriate Organizational Unit, the corresponding folder is created on the desktop.


Retrieved from 'https://www.thomas-krenn.com/en/wikiEN/index.php?title=Creating_and_managing_a_Group_Policy_on_a_Windows_2012_Server&oldid=1898'
-->Edit Domain Group Policy

Applies to: Windows Server (Semi-Annual Channel), Windows Server 2016

In this section, you create a Group Policy Object for all of the computers in your organization, configure domain member client computers with distributed cache mode or hosted cache mode, and configure Windows Firewall with Advanced Security to allow BranchCache traffic.

Edit Domain Group Policy Powershell

This section contains the following procedures.

Edit Domain Group Policy

Tip

In the following procedure, you are instructed to create a Group Policy Object in the Default Domain Policy, however, you can create the object in an organizational unit (OU) or other container that is appropriate for your deployment.

You must be a member of Domain Admins, or equivalent to perform these procedures.

To create a Group Policy Object and configure BranchCache modes

Edit Domain Group Policy Server 2012

  1. On a computer upon which the Active Directory Domain Services server role is installed, in Server Manager, click Tools, and then click Group Policy Management. The Group Policy Management console opens.

  2. In the Group Policy Management console, expand the following path: Forest:example.com, Domains, example.com, Group Policy Objects, where example.com is the name of the domain where the BranchCache client computer accounts that you want to configure are located.

  3. Right-click Group Policy Objects, and then click New. The New GPO dialog box opens. In Name, type a name for the new Group Policy Object (GPO). For example, if you want to name the object BranchCache Client Computers, type BranchCache Client Computers. Click OK.

  4. In the Group Policy Management console, ensure that Group Policy Objects is selected, and in the details pane right-click the GPO that you just created. For example, if you named your GPO BranchCache Client Computers, right-click BranchCache Client Computers. Click Edit. The Group Policy Management Editor console opens.

  5. In the Group Policy Management Editor console, expand the following path: Computer Configuration, Policies, Administrative Templates: Policy definitions (ADMX files) retrieved from the local computer, Network, BranchCache.

  6. Click BranchCache, and then in the details pane, double-click Turn on BranchCache. The policy setting dialog box opens.

  7. In the Turn on BranchCache dialog box, click Enabled, and then click OK.

  8. To enable BranchCache distributed cache mode, in the details pane, double-click Set BranchCache Distributed Cache mode. The policy setting dialog box opens.

  9. In the Set BranchCache Distributed Cache mode dialog box, click Enabled, and then click OK.

  10. If you have one or more branch offices where you are deploying BranchCache in hosted cache mode, and you have deployed hosted cache servers in those offices, double-click Enable Automatic Hosted Cache Discovery by Service Connection Point. The policy setting dialog box opens.

  11. In the Enable Automatic Hosted Cache Discovery by Service Connection Point dialog box, click Enabled, and then click OK.

    Note

    When you enable both the Set BranchCache Distributed Cache mode and the Enable Automatic Hosted Cache Discovery by Service Connection Point policy settings, client computers operate in BranchCache distributed cache mode unless they find a hosted cache server in the branch office, at which point they operate in hosted cache mode.

  12. Use the procedures below to configure firewall settings on client computers by using Group Policy.

To configure Windows Firewall with Advanced Security Inbound Traffic Rules

Edit Domain Group Policy

  1. In the Group Policy Management console, expand the following path: Forest:example.com, Domains, example.com, Group Policy Objects, where example.com is the name of the domain where the BranchCache client computer accounts that you want to configure are located.

  2. In the Group Policy Management console, ensure that Group Policy Objects is selected, and in the details pane right-click the BranchCache client computers GPO that you created previously. For example, if you named your GPO BranchCache Client Computers, right-click BranchCache Client Computers. Click Edit. The Group Policy Management Editor console opens.

  3. In the Group Policy Management Editor console, expand the following path: Computer Configuration, Policies, Windows Settings, Security Settings, Windows Firewall with Advanced Security, Windows Firewall with Advanced Security - LDAP, Inbound Rules.

  4. Right-click Inbound Rules, and then click New Rule. The New Inbound Rule Wizard opens.

  5. In Rule Type, click Predefined, expand the list of choices, and then click BranchCache - Content Retrieval (Uses HTTP). Click Next.

  6. In Predefined Rules, click Next.

  7. In Action, ensure that Allow the connection is selected, and then click Finish.

    Important

    You must select Allow the connection for the BranchCache client to be able to receive traffic on this port.

  8. To create the WS-Discovery firewall exception, again right-click Inbound Rules, and then click New Rule. The New Inbound Rule Wizard opens.

  9. In Rule Type, click Predefined, expand the list of choices, and then click BranchCache - Peer Discovery (Uses WSD). Click Next.

  10. In Predefined Rules, click Next.

  11. In Action, ensure that Allow the connection is selected, and then click Finish.

    Important

    You must select Allow the connection for the BranchCache client to be able to receive traffic on this port.

To configure Windows Firewall with Advanced Security Outbound Traffic Rules

Open Domain Group Policy Editor

  1. In the Group Policy Management Editor console, right-click Outbound Rules, and then click New Rule. The New Outbound Rule Wizard opens.

  2. In Rule Type, click Predefined, expand the list of choices, and then click BranchCache - Content Retrieval (Uses HTTP). Click Next.

  3. In Predefined Rules, click Next.

  4. In Action, ensure that Allow the connection is selected, and then click Finish.

    Important

    You must select Allow the connection for the BranchCache client to be able to send traffic on this port.

  5. To create the WS-Discovery firewall exception, again right-click Outbound Rules, and then click New Rule. The New Outbound Rule Wizard opens.

  6. In Rule Type, click Predefined, expand the list of choices, and then click BranchCache - Peer Discovery (Uses WSD). Click Next.

  7. In Predefined Rules, click Next.

  8. In Action, ensure that Allow the connection is selected, and then click Finish.

    Important

    You must select Allow the connection for the BranchCache client to be able to send traffic on this port.





Comments are closed.