“Customizing screensavers?” I hear you cry, “That’s a bit retro isn’t it?”
Nowadays screensavers have more or less disappeared. It makes much more sense to just turn off the screen after 10 minutes of inactivity. However, there are some instances where a screensaver can be useful, for example, an always-on kiosk or even digital signage.
One of the more useful standard screensavers in the Windows operating system is called “3D Text”. Useful because by default it will display the time but can be customized to display some text instead
We use Group Policy to tweak the default settings on Microsoft Servers and PCs. You edit the policies using the Group Policy Editor console (gpedit.msc) but to manage the policies you use the Group Policy Management Console (gpmc.msc). The more policies you start to create, the more confusing managing them can become and with each new version of Microsoft software (Office included) new Group Policy templates are added. This article is to give you an insight into exactly what the Group Policy Management Console (GPMC) is about and how everything links together.
It’s always best to edit policies from the latest OS. This is one of the reasons to always have a VM somewhere with the latest OS purely for Group Policy. Alternatively, if you are using the latest OS then you can install the GPMC from the Remote Server Administration Tools (RSAT) and then edit the policies from there. If you don’t, it’s not a big issue but some policies won’t be available. All of the templates can be stored in a central location in Active Directory so they can be accessed by all domain machines. There is some debate whether it is best to have the policies held locally rather than in the central store but I think it works well. By default this is \\DCName\sysvol\domain.name\Policies\PolicyDefinitions. If you ever download a new template you will need to put it in there. For more details on activating the central store se the following Microsoft Support article
Inheritance & Precedence
Group Policies Objects (GPOs) are created in the Group Policy Objects folder in GPMC. Policies are then linked to Active Directory Organizational Units (OUs). You can link as many Policies as you like to an OU and you can also link the same policy to as many OUs as you like. You can also block inheritance by right-clicking an OU and disabling it. The precedence of any GPOs, i.e. what GPO policy wins out of any competing policies, can be changed in the Linked GPO tab of an OU. Normally the deepest policy wins. Continue reading →
Just a quick article here for a late Friday afternoon article.
If you managed Microsoft Windows Active Directory based domains you should be very familiar with the management console Active Directory Users and Computers (ADUC). When you have a sprawling OU design it can be difficult to find the user, computer or group that needs your attention. I set up a few saved queries to give me an easy to read list view of certain object types. If you can’t figure out how to create a new saved query then you may be in the wrong job but the is a comprehensive guide over at the Petri IT Knowledgebase. The 3 I use most often are set up as follows
A simple query where just the computer object must have a value to display
Same as above, just make sure you are focussing on Users not Computers
My most useful time saver. This one is only slightly more tricky as you need to enter a custom search string. Credit goes to an article on WinodwsNetworking.com for this one. By using the string below, when somebody calls to say they have been locked out, I can quickly bring up this saved query and unlock them in a matter of seconds
This article describes the steps I took when we decided to merge to sister companies into one domain. I have, in the past, used the Active Directory Migration Tool. The ADMT, currently at version 3.0 “provides an integrated toolset to facilitate migration and restructuring tasks in an Active Directory infrastructure”. It works great and has loads of guidance on how to go about the daunting task of migrating 200 users from an NT 4 domain to Active Directory, merging domains or restructuring numerous sub-domains. However, it involves a lot of planning and background fiddling to get it working. In my current situation I needed to migrate only 20 users to our main domain so I didn’t really want the hassle of reading through the mammoth migration guide. Neither did I want to add everybody one by one. Therefore, I created the following method that did everything I needed as quickly as possible, without making my brain hurt 🙂 Continue reading →