Direct Inward Dialing: +1 408 916 9393
Group Policy Objects (GPOs) are commonly used by organizations to implement security policies and other controls on Active Directory user and computer accounts. This article is a useful guide on what group policies are, their purpose, along with what GPOs are in Active Directory. It will also cover how to install the Group Policy Management Console (GPMC) in Windows as well as some basic GPO tasks, like creating, editing, and linking GPOs.
A GPO is a group of settings that can be customized to define the resources a user or computer can view or access. The scope of a GPO can be just a local computer or extend to organizational units (OUs), domains, or sites. When you assign a GPO to a container, it is called linking the GPO. You can restrict how the GPOs are applied by using security groups to filter out which groups or users the GPO will impact, or you can block the GPO through inheritance. A Windows Management Instrumentation (WMI) filter can also be used to restrict the application of a GPO.
Before the GPMC was introduced, there was no single unified tool for Group Policy management. Users had to use multiple tools like the Active Directory Users and Computers snap-in, the Active Directory Sites and Services snap-in, the Resultant Set of Policy snap-in, the GPMC Delegation Wizard, and the ACL Editor for GPO management. The GPMC does not replace the Active Directory Users and Computers snap-in but instead provides a unified console for managing GPOs.