“Customizing screensavers?” I hear you cry, “That’s a bit retro isn’t it?”
Nowadays screensavers have more or less disappeared. It makes much more sense to just turn off the screen after 10 minutes of inactivity. However, there are some instances where a screensaver can be useful, for example, an always-on kiosk or even digital signage.
One of the more useful standard screensavers in the Windows operating system is called “3D Text”. Useful because by default it will display the time but can be customized to display some text instead
Continue reading Customizing the Text ScreenSaver with Group Policy
We use Group Policy to tweak the default settings on Microsoft Servers and PCs. You edit the policies using the Group Policy Editor console (gpedit.msc) but to manage the policies you use the Group Policy Management Console (gpmc.msc). The more policies you start to create, the more confusing managing them can become and with each new version of Microsoft software (Office included) new Group Policy templates are added. This article is to give you an insight into exactly what the Group Policy Management Console (GPMC) is about and how everything links together.
It’s always best to edit policies from the latest OS. This is one of the reasons to always have a VM somewhere with the latest OS purely for Group Policy. Alternatively, if you are using the latest OS then you can install the GPMC from the Remote Server Administration Tools (RSAT) and then edit the policies from there. If you don’t, it’s not a big issue but some policies won’t be available. All of the templates can be stored in a central location in Active Directory so they can be accessed by all domain machines. There is some debate whether it is best to have the policies held locally rather than in the central store but I think it works well. By default this is \\DCName\sysvol\domain.name\Policies\PolicyDefinitions. If you ever download a new template you will need to put it in there. For more details on activating the central store se the following Microsoft Support article
Inheritance & Precedence
Group Policies Objects (GPOs) are created in the Group Policy Objects folder in GPMC. Policies are then linked to Active Directory Organizational Units (OUs). You can link as many Policies as you like to an OU and you can also link the same policy to as many OUs as you like. You can also block inheritance by right-clicking an OU and disabling it. The precedence of any GPOs, i.e. what GPO policy wins out of any competing policies, can be changed in the Linked GPO tab of an OU. Normally the deepest policy wins.
Continue reading Group Policy Management Overview
Just a quick article here for a late Friday afternoon article.
If you managed Microsoft Windows Active Directory based domains you should be very familiar with the management console Active Directory Users and Computers (ADUC). When you have a sprawling OU design it can be difficult to find the user, computer or group that needs your attention. I set up a few saved queries to give me an easy to read list view of certain object types. If you can’t figure out how to create a new saved query then you may be in the wrong job but the is a comprehensive guide over at the Petri IT Knowledgebase. The 3 I use most often are set up as follows
- All Devices
- A simple query where just the computer object must have a value to display
- All Users
- Same as above, just make sure you are focussing on Users not Computers
- Locked accounts
- My most useful time saver. This one is only slightly more tricky as you need to enter a custom search string. Credit goes to an article on WinodwsNetworking.com for this one. By using the string below, when somebody calls to say they have been locked out, I can quickly bring up this saved query and unlock them in a matter of seconds
You can really go to town on these queries and there is a great list already created for you, back over on the Petri IT Knowledgebase