NOTE: The author will not accept responsibility for damages as a result of following the suggestions below. They are provided “as is” and intended only as a rough guide. You should always back up your servers System State prior to changing Group Policies. USE AT “YOUR OWN RISK”.
There are many Active Directory Group Polices which you may want to use. Below are some of the more common ones I use.
- Master Policies
- Default Domain Policies (security and password settings)
- Allow Printer Driver Install on Windows Vista
- Yes, Vista restricts users from installing Print Drivers even when you are on a domain
- Allow Remote Desktop Connections (RDP)
- Allow Remote Assistance (pay VERY close attention to the syntax)
- Firewall Changes to Allow File & Print Sharing, RDP, and Remote Administration
- Hide Security and Sharing Tabs
- Hide RESTORE button
- Enable Verbose Mode
- WSUS Update
- Only necessary if you have installed Windows Server Update Services
- Terminal Server Lockdown
- Only necessary if you have a Terminal Server to lock down
These policies need to be applied to the OU which contains the computer and/or users you want to effect.
Most of these policies work on Windows 2000 Server and newer but all of them function on Windows 2003 SP2 and Windows 2008 Server.
Other Handy Scripts that I commonly use are:
- Robocopy Backup of Common User Profile: This script will ask you what drive you what to backup to and then it will copy the current users desktop, Outlook, documents, favorites, videos, pictures and more
(rename the linked .TXT file to .BAT and then run it) - Disable The Restore Button on the PREVIOUS VERSIONS tab – Can be done via Group Policy; see MASTER POLICIES above
(rename the linked .TXT file to .BAT and then run it) - Hide the PC from Network Browser List
(rename the linked .TXT file to .REG and then run it) - Update the REGISTERED OWNER information
(update the information, rename the linked .TXT file to .REG and then run it) - Enable Verbose Mode in Vista, Windows 7, and Server 2008 so when your machine is booting or shutting down you know what the Hell it is doing – Can be done via Group Policy; see MASTER POLICIES above ; also see Microsoft kb325376
(rename the linked .TXT file to .REG and then run it) - Turn Number Lock ON by Default
(rename the linked .TXT file to .REG and then run it) - Turn Number Lock OFF by Default
(rename the linked .TXT file to .REG and then run it) - Clear Office 2007 Registered Owner Information
(update the information, rename the linked .TXT file to .REG and then run it)
0 Comments