Category: Microsoft Group Policy Object

Group Policy Object – Disable Windows PowerShell

You may use a Microsoft Active Directory (AD) Group Policy Object (GPO) to restrict access to the Windows PowerShell. Below you will find the settings for this configuration. Computer Configuration > Policies > Windows Settings > Security Settings > Software Restrictions > Additional Rules Right click Additional Rules and select New Path Rule…. In the New…


Group Policy Object – Disable Server Manager

You may create a Group Policy Object (GPO) to prevent access to the Microsoft Windows Server 2012 R2 Server Manager as well as prevent it from opening automatically after login. Below you will find the settings for this configuration. Computer Configuration > Policies > Administrative Templates > System > Server Manager > Do not display Server…


Group Policy Object – Hide Drives in My Computer

You may use the following setting to configure a Group Policy Object (GPO) in Microsoft Windows Server 2012 R2 that will allow you to restrict access to local drives in My Computer. User Configuration > Policies > Administrative Templates > Windows Components > File Explorer > Hide these specified drives in My Computer


Microsoft Group Policy Object – Disable Default Domain Policy Password Policy

You may use the following method to disable the Password Policy settings in the Default Domain Policy. I do not recommend this for a production network, which should use a password policy, but it may be used in a home lab. GPO Path: Computer Configuration/Policies/Windows Settings/Security Settings/Account Policies/Password Policy GPO Settings: Enforce Password History/0 GPO Settings:…


Microsoft Group Policy Object – “TCP/IP NetBIOS Helper” Service

Yesterday, I continued with the application of Group Policy Objects (GPO) for our workstation (desktop and laptop) users. When running gpupdate /force for a particular user, whose desktop is running Windows XP, I noticed that the GPO wasn’t being applied. Part of my troubleshooting was to determine if the user’s desktop could access the \\domain.com\SYSVOL directory….


Microsoft Group Policy Object – Event ID 1030, 1097 and 1110

At my current employer I have been creating Group Policy Objects (GPO) in an effort to centrally administer the workstation environment, provide automation and provide consistency in workstation deployment and management. After running gpupdate and gpresult on a Microsoft Windows XP desktop I realized that the GPOs were not being applied. After looking through the Event Viewer logs…


Microsoft Group Policy Object – Group Policy Preference Client Side Extensions for Windows XP (KB943729)

I am currently in the process of automating the desktop deployment for my current employer. As a solution I am using Microsoft Group Policy Object (GPO) to map the network drives for the users. To date, most of my experience has been testing GPOs with Microsoft Windows 7 but today I was testing a GPO…


Microsoft Windows 7 – Modifying Profiles for Shortcuts, Folders or Files

You may use the following method, in Microsoft Windows 7, to modify the default profile and create changes in every users profile. For instance, you may add a particular shortcut, folder or file to the desktop of every single user. In Windows 7 navigate to: C:\Users\Default\Desktop Once you are in this directory you may place…


Group Policy Object – Map Network Drive

You may use the following Microsoft Active Directory (AD) Group Policy Object (GPO) settings to map a network drive in Windows XP/7. GPO Path: User Configuration\Preferences\Windows Settings\Drive Maps GPO Settings: New\Mapped Drive Additionally, you may specify which users the GPO applies to by using Item-level targeting under the Common tab. My recommendation is a Security…


Group Policy Object – Standard Security Settings GPO

You may use the following Windows Server 2012 Group Policy Object (GPO) settings to configure basic security settings for Windows Server 2008/2012/2012 R2 or Windows 7/8/8.1.   Local Logon and Local Administrators GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Right Assignment GPO Setting: Allow log on locally (used to define this user group) GPO Path: Computer…