Create and Manage GPOs Flashcards
Outside of an Active Directory environment, which policies take priority: Local Group Policy, Administrator/Non-Admin Policies, or User-Specific Group Policies?
User-specific policies takes highest priority followed by Administrator/Non-Admin policies
Where are starter GPOs located within Group Policy Management?
Navigate to: Forest: RootDomain > Domain > Starter GPOs
How do you create a starter GPO?
Within GPMC, right click on Starter GPOs and select New
How do you configure GPO links?
Within GPMC, right click on OU and select “Create a GPO in this domain, and Link it here…”
How do you back up a GPO?
Within GPMC, navigate to: Forest: RootDomain > Domain > GPOs
Right click on GPO to be backed up and select Back Up
How do you restore a GPO?
Within GPMC, navigate to:
Forest: RootDomain > Domain > GPOs
Right click on GPO and select Restore from Back up
How do you import a GPO?
Within GPMC, navigate to:
Forest: RootDomain > Domain > GPOs
Right click on GPO and select Import Settings
How do you copy/paste a GPO?
Within GPMC, navigate to:
Forest: RootDomain > Domain > GPOs
Right click on GPO and select Copy.
Right click on OU/GPO and select Paste
How do you create and configure a migration table?
- Right click on Group Policy Objects and select Open Migration Table Editor.
- Import GPO
- Specify destination locations
- Save
How do you reset default GPOs?
Run the command-line utility “dcgpofix”
How do you delegate Group Policy management?
- Within GPMC, navigate to the specific Domain and view the Delegation tab
- Within AD UC, right click on an OU and select Delegation Control
Where do you go to detect health issues using the Group Policy Infrastructure Status page?
Within GPMC, navigate to the status tab of the Domain and select “Detect Now”
Which takes precedence, an OU with disabled Inheritance or the above GPO with enforcement?
GPO enforcement
How do you block inheritance on an OU?
Right click on OU and select “Block Inheritance”
How do you enforce a GPO?
Right click on GPO and select “Enforce”
How do you configure a central store?
- Create a folder named PolicyDefinitions within the \domain.com\SYSVOL\nutex.com\policies folder on any domain controller
- Copy the \Windows\PolicyDefinition folder from a Windows 10 computer to the SYSVOL\domain.com\policies folder on the domain controller
What can GPO’s be linked to?
GPO’s can only be linked to a domain, OU, or Active Directory site
What is the difference between a restore and an import of a GPO?
A GPO can only be restored from a back up that is on the same domain due to SIDs needing to match.
An imported GPO can come from any domain due to SIDs not needing to match
What naming formats are allowed when inputting names in the Source Name column within the Migration Table Editor?
UPN: user@domain.com
SAM: domain\user
SID: S-1-11-111111111-111111111-1111111111-1112
DNS: domain.com\user
What can be used to check whether GPO policies have been replicated correctly between Domain Controllers?
Group Policy Status report
Viewed by opening GPMC > Expand Domains > Highlight name of domain.
In right-hand pane, click on Status tab.
At bottom of page, click on Detect Now to create report.
What PowerShell cmdlet can be used to determine the net effect of combined GPO’s and settings on an AD object (RSoP) to a file?
Get-GPResultanSetofPolicy cmdlet
The gpresult command-line utility performs the same function
What PowerShell cmdlet generates a report in either XML or HTML format that describes properties and policy settings for a specified GPO or for all GPO’s in the domain?
Get-GPOReport
What settings can be configured within Preferences inside of Group Policy?
Environment variables, registry settings, drive mapping, folder creation, folder updates, shortcuts, scheduled tasks, services settings and local users and group configurations
What tool is used to convert .adm files to .admx files, and edit Administrative Templates?
ADMX Migrator tool
