Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Introduction: You can use Group Policy to provide or deny access to programs and

ID: 3539726 • Letter: I

Question

Introduction:

You can use Group Policy to provide or deny access to programs and data in your network, and to enforce policies regarding computer configuration - based on assigned privileges and security group memberships. Although Group Policy cannot be directly applied to groups, groups can be leveraged to control Group Policy application. Through the use of access control lists (ACLs) and permissions, an administrator can limit the users and groups that will be affected by a given GPO.


Consider the following scenario:


Healing Pharmaceuticals is implementing an Active Directory Group Policy plan. The company has placed its administrators into a security group named DomAdmins. The DomAdmins group is stored in the users' folder, and each administrator's user account is in the OU associated with their location. Healing Pharmaceuticals planned to create an appropriate GPO that disables numerous settings and can be applied to ordinary users, so that only a minimum number of applications and settings are available for ordinary users to do their jobs. This GPO applies to ordinary users, but not to administrators. While logging on, administrators notice that GPO settings are also being applied to the DomAdmins group.


Tasks:

Answer the following questions:

What are the two ways that can be used to keep administrators from being subjected to the GPO?

Would moving the user accounts of administrators to another OU address this problem? Will any additional problems be caused by moving the accounts?

Explanation / Answer

To see the security groups that were in effect when Group Policy was applied to a specific computer, look in the Group Policy Results report for that computer. Under both Computer Configuration Summary and User Configuration Summary, expand Security Group Membership when Group Policy was applied.

To check security filtering on a GPO

In GPMC, open Group Policy Objects node, select the GPO you are troubleshooting, and then in the right pane select the Scope tab. The Security Filtering and WMI Filtering panels show the current filtering configuration.

To see the exact set of permissions for users, groups and computers, select the Delegation tab and then click Advanced. Select the security group, user or computer you want to review. Keep the following in mind:

Related Questions

Introduction: A decision problem is what a manager faces when a decision must be
Question #412598
Introduction: A maximum length sequence (MLS) is a type of pseudorandom binary s
Question #2988175
Introduction: A mixing equation for any property X that is formed from two sourc
Question #592348
Introduction: Abbreviations (acronyms) are part and parcel of medical documentat
Question #165157
Introduction: Although the existence of radioactive materials has only been know
Question #2265543
Introduction: Give a brief overall description of PTSD. Describe any shared gene
Question #3461202
Introduction: If you have ever collected hockey cards (or other sports cards) yo
Question #3795062
Introduction: In the last decade, there has been a jump of social connection bet
Question #374400
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Introduction: You are a consultant hired by a consumer products research company
Next
Introduction: You implemented a Deck class in Activity 2. This class should be c

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.