Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Group Policy is applied to user accounts by the same process as Windows devices due to loopback processing. Loopback processing enables the Group Policy service to modify the default behavior for retrieving settings and preferences for user accounts. The application of Group Policy to user accounts in the Austin Active Directory requires that loopback processing be enabled and set to Replace mode. This configures Group Policy to retreive user policy using the same method as computer policy. 

Department-managed Group Policy Objects

Department administrators can create GPOs via the Department GPO Tools (https://www.austin.utexas.edu/deptgpotools/) as well as directly via PowerShell or the Group Policy Management Console (GPMC). The setttings and preferences in a GPO can be managed via the Group Policy editor or, where supported, via PowerShell. The GPOs must adhere to the Active Directory naming policy.

...

Centrally-managed Group Policy Objects

The Active Directory team creates and applies GPOs required for the operation of the domain and as required by required GPOs to support Active Directory processses or to enforce security policy set by the Information Security Office (ISO). The required GPOs created by the Active Directory team will have the AUSTIN prefix and will be linked to either the domain root or the Departments container as needed. The required GPOs that enforce security policy will append ISO to the AUSTIN prefix. The required GPOs are documented below:

Child pages (Children Display)

The Active Directory team also creates optional GPOs that implement common settings. These GPOs are available for departments to apply to their own OUs. The optional GPOs created and managed by the Active Directory team will have the AUSTIN prefix to identify them to department administrators. A selection of the these GPOs are documented below.

...