[gptalk] Re: hello

  • From: "Darren Mar-Elia" <darren@xxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Thu, 17 Aug 2006 20:23:00 -0700

No worries. You can find the table of contents for our book here:
http://www.williamstanek.com/Group_Policy/index.htm
 
I don't know Ed Wilson. I do know Don Jones. He is a machine in the best
sense of the word. Don's scripting work is great and I while I haven't read
any of his books in a while, he's a super smart guy so I suspect they are of
high quality. In terms of WMI resources, Alain Lissoir is one of the
smartest guys I know on WMI and I know he has at least one WMI scripting
book, so I would check Amazon or your favorite book store for them. In terms
of your query, that's realy strange that it is looking for two domain names,
since I've used the query successfully with only one. But, I guess if it
works, don't fight it :)
 
Darren
 
 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Mills, Mark
Sent: Thursday, August 17, 2006 3:08 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: hello



Oops sorry about that Darren, I always think of you in the context of the
GPOGuy website and as an Windows IT Pro editor.  Is there a web page that
shows the Table of Contents for your book - you got me interested.  Do you
have any opinions about the books written by Don Jones and Ed Wilson?
Their books are about Automation and Scripting.  As you have seen today I'm
getting more into WMI lately.  The final WMI script that worked today was :

Select * FROM Win32_ComputerSystem WHERE UserName <> 'DA\\da\\mmills'    I'm
not sure why the domain name has to be their twice but it works so I'm very
greatful for your earlier assistance.

 

Mark Mills, Sr. Network Engineer

Office Phone:  281-444-2300 x113

Email: mark.mills@xxxxxxxxxxxxxxxxxxxxxx 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Darren Mar-Elia
Sent: Thursday, August 17, 2006 3:37 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: hello

 

And of course I would also humbly recommend the GP book I did with Derek
Melber and William Stanek: 

 

http://www.amazon.com/exec/obidos/redirect?link_code=ur2
<http://www.amazon.com/exec/obidos/redirect?link_code=ur2&camp=1789&tag=http
wwwgpogco-20&creative=9325&path=tg/detail/-/0735622175/qid=1122367169/sr=8-1
/ref=pd_bbs_1?v=glance&s=books&n=507846>
&camp=1789&tag=httpwwwgpogco-20&creative=9325&path=tg/detail/-/0735622175/qi
d=1122367169/sr=8-1/ref=pd_bbs_1?v=glance&s=books&n=507846

 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Mills, Mark
Sent: Thursday, August 17, 2006 12:30 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: hello

Gray 

 

So you're new to Group Policy.  I started working with it about 6 month ago.
Below are some tidbits that may help you. I'm not claiming to be an expert,
and admit I am new also to GP, but I am trying to take a granular approach
to GP so I can get the most out of it in a single domain (not a Forest) .  I
also highly recommend the book mentioned below by Jeremy Moskowitz.

 

My personal opinions

 

1)      keep all your user objects in their own "USER OU Branches" and keep
all your computer objects in their own Computer OU Branches.  (see
representation below) 

2)      Name your polices in a format so that you know what branch it
effects.  All GPOs that effect the Computer configuration should have names
that start with the words "Computer - "  and all for the User Configuration
should start with "Computer -"  It will help you understand and manage your
GPO's better and know the proper place to apply them in most cases (accept
where loopback is enabled) 

3)      Learn about Loop Back Processing as soon as possible - it is a great
feature

4)      Nothing anyone may tell you - including me-  may be right for your
organization, for best results analyze your needs and use Group Policy
accordingly.

 

5)      Representation mentioned in item 1 above:  keep all your user
objects in their own "USER OU Branches" and keep all your computer objects
in their own Computer OU Branches.  (see representation below) 

 

 

Group Policy Manangement

-------Forest: mydomain.com

------------Domains

------------------MyDomain.com

--------------------Default Domain Group Policy Object Link

----------------------Active Group Policies OU

-----------------------------Computer Policies OU

---------------------------------Enforced Group Policy Object Link

------------------------------------AccountingDept Computer OU (put your
Accounting PC's here)

--------------------------------------- Computer Config Group Policy Object
Link 1 (this is an applied GPO) 

--------------------------------------- Computer Config Group Policy Object
Link 2 (this is an applied GPO)

------------------------------------MarketingDept Computer OU (put your Mktg
PC's here)

------------------------------------Programmers Computer OU  (.OK you get
the idea)

-----------------------------User Policies OU

---------------------------------Enforced Group Policy Object Link

------------------------------------Accounting Dept OU (put your Accounting
User's here)

--------------------------------------- User Config Group Policy Object Link
1 (this is an applied GPO)

--------------------------------------- User Config Group Policy Object Link
(this is an applied GPO)

------------------------------------MarketingDept User  OU (put your Mktg
User's here)

------------------------------------ProgrammerDept User OU  (.OK you get the
idea)

 

 

 

Good name to know:  Jeremy Moskowitz

His Awesome  book :  Third Edition of Group Policy, Profiles, and
IntelliMirror 

Related Site:  http://www.gpanswers.com/book/

 

 

Great GP sites for help

http://gpanswers.com <http://gpanswers.com/>  

http://www.gpoguy.com/ 

http://www.activedir.org/article.aspx?aid=25 

 

Group Policy Management Console with 2003 Service Pack 1included.

http://www.microsoft.com/downloads/details.aspx?familyid=0A6D4C24-8CBD-4B35-
9272-DD3CBFC81887
<http://www.microsoft.com/downloads/details.aspx?familyid=0A6D4C24-8CBD-4B35
-9272-DD3CBFC81887&displaylang=en> &displaylang=en

 

Group Policy Settings Reference for Windows Server 2003 with Service Pack 1
(Excel sheet with all GP settings) 

http://www.microsoft.com/downloads/details.aspx?familyid=7821C32F-DA15-438D-
8E48-45915CD2BC14
<http://www.microsoft.com/downloads/details.aspx?familyid=7821C32F-DA15-438D
-8E48-45915CD2BC14&displaylang=en> &displaylang=en 

 

GPO backups info

http://www.windowsitlibrary.com/Content/1635/04/1.html

 

Group Policy ADM files
http://www.microsoft.com/downloads/details.aspx?FamilyId=92759D4B-7112-4B6C-
AD4A-BBF3802A5C9B
<http://www.microsoft.com/downloads/details.aspx?FamilyId=92759D4B-7112-4B6C
-AD4A-BBF3802A5C9B&displaylang=en#top> &displaylang=en#top 

 

Recommendations for administering Group Policy ADM files
http://support.microsoft.com/default.aspx?scid=kb;en-us;816662#top 

 

 

Windows KB related to GP: http://support.microsoft.com/?kbid=842804 

 

Scripting help and support:

http://www.scriptinganswers.com <http://www.scriptinganswers.com/> 

 

WQL (SQL for WMI)
http://windowssdk.msdn.microsoft.com/en-us/library/ms758365.aspx 

 

WMI Code Creator v1.0

http://www.microsoft.com/downloads/details.aspx?familyid=2CC30A64-EA15-4661-
8DA4-55BBC145C30E
<http://www.microsoft.com/downloads/details.aspx?familyid=2CC30A64-EA15-4661
-8DA4-55BBC145C30E&displaylang=en> &displaylang=en 

 

Delegation of control
http://www.mcpmag.com/features/article.asp?EditorialsID=233 

 

 

Mark Mills, Sr. Network Engineer 

Office Phone:  281-444-2300 x113

Email: mark.mills@xxxxxxxxxxxxxxxxxxxxxx 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Gray Troutman
Sent: Thursday, August 17, 2006 1:37 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] hello

 

Hi,
I just signed up.  I'm curious to know how many people (roughly) subscribe
to this list.  I've subscribed to a couple before and they had a pretty wide
range of content due to the number of subscribers.  I've been working with
Windows-based networks for about eleven years now, but this is the first
time I've really been involved with creating an AD from scratch and the
creation of Groups Policies.  I'm really interested in seeing what other
folks are doing, hopefully that way I will catch problems before they occur.


Regards,
Gray



Other related posts: