際際滷

際際滷Share a Scribd company logo

Buoi2

L
Ly hai

Quan tri mang

1 of 18
Downloaded 55 times
丹 C働NG TH C T P QU N TR H TH NG V M NG MY TNH BU I 2 : CHNH SCH NHM (GROUP POLICY) 1. KHI NI M - Ch鱈nh s叩ch nh坦m: l t p c叩c thi t 単 nh c u h狸nh m叩y t鱈nh v ng動 i d湛ng. N坦 単動 c li棚n k t 単 n m叩y t鱈nh (Computer), 単 a bn (site), mi n (domain) v 単董n v t ch c (OU) 単 thi t l p c u h狸nh t叩c 単 ng l棚n c叩ch hnh x c a ng動 i d湛ng. - V鱈 d : Vi c s d ng ch鱈nh s叩ch nh坦m, ch炭ng ta c坦 th thi t l p nh ng ch動董ng tr狸nh ng d ng no ng動 i d湛ng c坦 th s d ng, ch動董ng tr狸nh ng d ng no xu t hi n mn h狸nh n n v trong menu Start. 2. CNG VI C C TH TH C HI N TRONG CHNH SCH NHM - Ph叩t hnh ho c ph但n b c叩c g坦i ph n m m cho c叩c ng動 i d湛ng ho c m叩y. - Ph但n b k ch b n kh i t o (Start-up), t t m叩y (shutdown), 単ng nh p (logon), v 単ng xu t (logoff). - Quy 単 nh c叩c ch鱈nh s叩ch m t kh u, kh坦a ch t ti kho n v ki m to叩n cho mi n. - Quy 単 nh v 叩p 単 t nh ng th担ng s thi t 単 nh dnh cho Internet Explorer. - Quy 単 nh v 叩p 単 t nh ng h n ch tr棚n c叩c m叩y desktop c a ng動 i d湛ng. 3. 丹 I T働 NG CHNH SCH NHM (GROUP POLICY OBJECT - GPO) - C叩c 単 i t動 ng ch鱈nh s叩ch nh坦m (Group Policy Object) l t p c叩c thi t 単 nh ch鱈nh s叩ch nh坦m. M i m叩y t鱈nh Microsoft Windows XP, 2003 単i u c坦 m t 単 i t動 ng ch鱈nh s叩ch nh坦m c c b (Local GPO). - M t 単 i t動 ng ch鱈nh s叩ch nh坦m c c b 単動 c l動u tr tr棚n m i m叩y t鱈nh ch ra r ng m叩y t鱈nh 単坦 c坦 thu c m t m i tr動 ng Active Directory ho c m担i tr動 ng m ng. - C叩c thi t l p c a 単 i t動 ng ch鱈nh s叩ch nh坦m c c b c坦 th b lo i b b i nh ng ch鱈nh s叩ch kh担ng c c b ( NonLocal GPO). 丹 i t動 ng ch鱈nh s叩ch c c b l 単 i t動 ng 鱈t nh h動 ng nh t n u m叩y t鱈nh 単ang trong m担i tr動 ng Active Directory. - C叩c 単 i t動 ng ch鱈nh s叩ch kh担ng c c b 単動 c li棚n k t v i c叩c 単 i t動 ng trong Active Directory (site, domain, OU) v c坦 th 単動 c 叩p d ng cho ng動 i d湛ng ho c m叩y t鱈nh. 丹 s d ng c叩c ch鱈nh s叩ch nh坦m kh担ng c c b , ch炭ng ta ph i c坦 m叩y t鱈nh th c thi Microsoft Windows 2003 Server 単坦ng vai tr嘆 l m t domain controller. 4. THE GROUP POLICY SNAP-IN A Microsoft Management Console (MMC) snap-in 単動 c s d ng 単 t ch c v qu n tr thi t l p ch鱈nh s叩ch nh坦m trong m i GPO. Snap-in cho 単 i t動 ng m c nhi棚n GPO trong Domain Controllers nh動 sau : 16
5. KH I T O LOCAL GROUP POLICY SNAP-IN T Menu StartRun. Nh p l nh GPEDIT.MSC 17
6. KH I T O GPO T ACTIVE DIRECTORY USERS AND COMPUTERS Ch n Active Directory Users and Computers. Nh p ph i tr棚n domain ho c OU m b n mu n 叩p 単 t ch鱈nh s叩ch nh坦m, ch n Properties. Ch n tab Group Policy, Ch n m t GPO trong danh s叩ch, ch n Edit. (Ho c nh p New 単 t o m t GPO m i, sau 単坦 ch n Edit.) 7. CC THI T 丹 NH TRONG GROUP POLICY C叩c thi t 単 nh v Ch鱈nh s叩ch nh坦m 単動 c ch a trong 単 i t動 ng ch鱈nh s叩ch v quy t 単 nh m担i tr動 ng lm vi c c a ng動 i d湛ng: Computer configuration settings: 単動 c s d ng 単 thi t l p ch鱈nh s叩ch nh坦m cho m叩y t鱈nh, b t lu n ng動 i d湛ng no 単ng nh p vo m叩y t鱈nh. Computer configuration settings 単動 c thi t l p khi m叩y t鱈nh kh i 単 ng. User configuration settings: 単動 c s d ng 単 thi t l p ch鱈nh s叩ch nh坦m cho ng動 i d湛ng, b t lu n m叩y t鱈nh no ng動 i d湛ng 単ng nh p vo. User configuration settings 単動 c thi t l p khi ng動 i d湛ng 単ng nh p vo h th ng. C computer configuration settings v user configuration settings 単 u ch a 単 ng Software Settings, Windows Settings, and Administrative Templates. 8. SOFTWARE SETTINGS C trong computer configuration v user configuration, Software Settings ch ch a Software Installation. Software Installation settings tr gi炭p ch炭ng ta thi t 単 nh c叩c ph n m m 単動 c ci 単 t v b o tr狸 nh動 th no trong h th ng. Ch炭ng ta c坦 th qu n tr m t ng d ng trong m t GPO m n坦 単動 c g n v i m t Active Directory container: site, domain or OU. ng d ng c坦 th qu n tr b i m t trong 2 ch 単 : ph但n b (Assigned) ho c qu ng b叩 (Published). 18
9. WINDOWS SETTINGS C computer configuration v user configuration, Windows Settings 単 u ch a Scripts v Security Settings. Scripts cho ph辿p ch炭ng ta thi t l p hai lo i scripts: startup/shutdown v logon/logoff. Startup/shutdown scripts s 単動 c th c thi l炭c startup ho c shutdown. Logon/logoff scripts 単動 c th c thi khi ng動 i d湛ng 単ng nh p ho c 単ng xu t. Security Settings cho ph辿p security administrator thi t l p c叩c m c b o m t 単動 c g叩n cho local ho c nonlocal GPO. Ch c坦 trong user configuration, Windows Settings c坦 ch a group policy settings cho Internet Explorer Maintenance, Remote Installation Services, and Folder Redirection. 10. ADMINISTRATIVE TEMPLATES Trong c hai computer and user configurations, Administrative Templates ch a t t c registry-based group policy settings, g m nh ng thi t 単 nh cho Windows Components, System v Network. Windows Components cho ph辿p ch炭ng ta qu n tr thnh ph n c a Windows g m NetMeeting, Internet Explorer, Windows Explorer, Microsoft Management Console, Task Scheduler v Windows Installer. System 単動 c s d ng 単 単i u khi n ch c nng logon v logoff v group policy. Network cho ph辿p thi t l p cho Offline Files v Network and Dial-Up Connections. 丹 i v i Computer Configuration, Administrative Templates ch a 単 ng thi t 単 nh ch鱈nh s叩ch nh坦m cho m叩y in, System Settings ch a Disk Quotas, Domain Name System (DNS) Client v Windows File Protection. 丹 i v i User Configuration, Administrative Templates g m nh ng thi t 単 nh nh動 Start Menu & Taskbar, Desktop, v Control Panel. 19
11. CHNH SCH NHM 丹働 C TH C HI N NH働 NO a. Local GPO. M i MS Windows XP, 2003 c坦 duy nh t m t GPO c c b . b. Site GPO. B t k畛 GPO n i k t v i Site 単i u 単動 c th c hi n m t c叩ch 単 ng b . Nh qu n tr c坦 th c th h坦a th t GPO n i k t vo site. c. Domain GPO. C叩c GPOs n i k t v i domain s 単動 c th c thi 単 ng b . Nh qu n tr c坦 th c th h坦a th t GPO n i k t vo domain. d. OU GPO. GPO 単動 c n i k t v i OU b c cao h董n trong Active Directory s 単動 c th c hi n tr動 c, sau 単坦 単 n GPO trong OU con. Cu i c湛ng, GPO n i 単 n OU ch a user ho c computer 単動 c th c thi. N u m t s GPO n i v i OU, n坦 s 単動 c th c thi 単 ng b theo tr狸nh t 単動 c thi t l p b i nh qu n tr . 12. TNH TH A K TRONG CHNH SCH NHM T ng qu叩t, ch鱈nh s叩ch nh坦m 単動 c th c hi n t cha 単 n con Tuy nhi棚n, n u ch炭ng ta 単 nh ngh挑a ch鱈nh s叩ch nh坦m cho con th狸 ch鱈nh s叩ch nh坦m ny s 単竪 l棚n ch鱈nh s叩ch nh坦m 単動 c th a k t cha N u m t OU cha kh担ng 単動 c thi t l p ch鱈nh s叩ch nh坦m th狸 con c a n坦 kh担ng th a k N u ch鱈nh s叩ch nh坦m c a cha v con kh担ng xung 単 t, th狸 con s th a k ch鱈nh s叩ch cha v th c thi n ch鱈nh s叩ch c a ch鱈nh n坦 N u ch鱈nh s叩ch nh坦m c a cha v con xung 単 t, con s kh担ng th a k ch鱈nh s叩ch t cha. Ch鱈nh s叩ch c a con s 単動 c 叩p d ng 13. M T S NGO I L TH T CHNH SCH NHM M叩y t鱈nh l thnh vi棚n c a nh坦m lm vi c (Workgroup) th狸 ch th c thi ch鱈nh s叩ch nh坦m c c b th担i. Block Policy Inheritance: Kh担ng k th a ch鱈nh s叩ch nh坦m t cha. No Override: Kh担ng cho ph辿p ch鱈nh s叩ch nh坦m kh叩c ch ng l棚n ch鱈nh s叩ch nh坦m hi n h u. Khi No Override ny 単動 c b t l棚n c p mi n (domain) th狸 Block Policy Inheritance 単動 c b t l棚n c p OU s b v担 hi u h坦a. N u m t 単 i t動 ng c坦 nhi u ch鱈nh s叩ch nh坦m, th狸 th t th c hi n ch鱈nh s叩ch nh坦m l t d動 i l棚n GPO s 単動 c th c hi n theo c u tr炭c th b c trong Active Directory: local GPO, site GPO, domain GPO, v OU GPO. Tuy nhi棚n th t m c nhi棚n ny c坦 th thay 単 i b ng t湛y ch n Block Policy Inheritance, No Override 14. CH N L C (FILTER) CHNH SCH NHM Ch鱈nh s叩ch trong c叩c GPO ch nh h動 ng 単 n nh ng ng動 i d湛ng 単動 c ph辿p 単 c n坦. Ch炭ng ta c坦 th l c l i ph m vi nh h動 ng c a ch鱈nh s叩ch nh坦m trong GPO 単 n nh坦m ng動 i d湛ng th担ng qua vi c g叩n quy n. Do 単坦, ch炭ng ta c坦 th ngn kh担ng cho ch鱈nh s叩ch nh坦m t叩c 単 ng l棚n m t nh坦m no 単坦 b ng c叩ch c m 叩p d ng ch鱈nh s叩ch nh坦m. 20
PH M VI GPO THI T L P QUY N K T QU Thnh vi棚n c a Thi t l p Apply Group- GPO s 単動 c 叩p d ng l棚n thnh vi棚n nh坦m 叩p d ng Policy (AGP) l Allow. nh坦m tr khi Apply Group Policy l Deny GPO Thi t l p Read l Allow ho c Read l Deny ho c c hai Thnh vi棚n c a Thi t l p AGP l Deny Ch鱈nh s叩ch nh坦m kh担ng 単動 c 叩p d ng nh坦m kh担ng 叩p Thi t l p Read l Deny tr棚n nh坦m ny d ng GPO ny Thnh vi棚n trong Thi t l p AGP ho c l M i ng動 i d湛ng c坦 th thu c nhi u nh坦m, nh坦m kh担ng ch c Allow ho c Deny ch鱈nh s叩ch ch 叩p d ng cho ng動 i d湛ng c坦 l c坦 叩p d ng Thi t l p Read l Allow AGP l Allow v Read l Allow ch鱈nh s叩ch nh坦m ho c Deny 15. T O 丹 I T働 NG CHNH SCH NHM (GPO) Click StartProgramsAdministrative ToolsActive Directory Users and Computers Click ph i chu t ch n OU Sales, ch n Properties. Ch n tab Group Policy Click New, 単 t t棚n GPO l Sales GPO Double click Sales GPO (ho c click ch n Edit) 21
Trong User Configuration, ch n Administrative Templates. Trong Administrative Templates ch n Start Menu and Taskbar Start Menu and Taskbar double click ch n thi t 単 nh Remove Network Connections from Start Menu 22
Ch n Enabled, click Apply, click OK T動董ng t , trong Control Panel, b t (enabled) thi t 単 nh Prohibit access to Control Panel Trong Desktop, b t thi t 単 nh Remove Recycle Bin icon from desktop 丹坦ng GPO li棚n k t v i Sales l i. Click OK 単坦ng h p tho i GPO c a Sales l i 16. T O CONSOLE CHO GPO Click StartRun. Nh p l nh MMC. OK Click File, ch n Add/Remove Snap-in 23
Click Add, ch n Group Policy Editor, click Add 24
Click Browse 25
Double click ch n Sales.ctu.edu.vn Ch n Sales GPO, click OK 26
Click Finish, click Close. Click OK Click menu File, ch n Save in. 丹 t t棚n Sales GPO. 27
Click Start/Programs/Administrative Tools 単 ki m tra xem Sales GPO 単達 t n t i ch動a ? 17. C P QUY N Allow log on locally CHO NHM Domain Users. Click Start/Programs/Administrive Tools/Domain Controller Security Policy Ch n Local Policies/User Rights Assignment Double click ch n Allow log on locally Click Add User or Group Ch n Browse, ch n Advanced Click Find Now. T狸m nh坦m Domain Users, double click ch n Domain Users. Click OK. Click OK. Click Apply. Click OK. Restart domain controller. 丹ng nh p vo b ng c叩c ti kho n trong Sales : pctrinh, dtdiem 単 ki m tra xem c叩c thi t 単 nh GPO c坦 ho t 単 ng kh担ng ? 18. LIN K T GPO M c nhi棚n, m t GPO s 単動 c li棚n k t 単 n domain, site, OU 単動 c ch n trong MMC khi n坦 t o ra. V狸 th , GPO ch 叩p d ng tr棚n c叩c 単 i t動 ng 単坦 th担i. Mu n s d ng GPO cho c叩c 単 i t動 ng kh叩c, ta ph i t o th棚m li棚n k t trong GPO 28
Li棚n k t GPO c a OU Sales v i OU Marketing : 丹ng nh p vo b 単i u khi n mi n b ng ti kho n Administrator Th c thi Active Directory Users and Computers, click ph i chu t vo OU Marketing. Ch n Properties. Ch n tab Group Policy. Click Add. 29
Click tab All, ch n Sales GPO 30
31
19. CH N L C CHNH SCH NHM V I NHM NG働 I DNG Khi ch炭ng ta t o ra GPO trong site, domain, OU th狸 nh ng ti kho n ng動 i d湛ng trong site, domain, OU s ch u t叩c 単 ng c a c叩c thi t 単 nh trong GPO 単坦. N u mu n c叩c thi t 単 nh kh担ng t叩c 単 ng l棚n c叩c ti kho n ng動 i d湛ng trong nh ng tr動 ng h p 単 c bi t, ch炭ng ta th動 ng t o ra m t nh坦m ng動 i d湛ng sau 単坦 単動a c叩c ti kho n ng動 i d湛ng lm thnh vi棚n c a nh坦m ny. Sau 単坦 thi t l p quy n Read v Apply Group Policy cho nh坦m ny l Deny T o nh坦m GVIP 丹動a ti kho n ng動 i d湛ng pctrinh trong OU Sales v hxhuong trong OU Marketing lm thnh vi棚n c a nh坦m GVIP. M Console c a Sales GPO, c p quy n truy c p Read, Apply Group Policy cho nh坦m GVIP l Deny 32
Log off ti kho n Administrator L n l動 t 単ng nh p b ng c叩c ti kho n pctrinh, dtdiem, thdao, hxhuong 単 ki m tra. So s叩nh gi a ti kho n pctrinh, hxhuong v i dtdiem, thdao. Gi i th鱈ch ? 33

Recommended

Group policy object p1
Group policy object p1Group policy object p1
Group policy object p1
laonap166
Group policy object ph畉n 2
Group policy object ph畉n 2Group policy object ph畉n 2
Group policy object ph畉n 2
laonap166
Lecture chinhsachnhom
Lecture chinhsachnhomLecture chinhsachnhom
Lecture chinhsachnhom
L達 畉t
Group policy object ph畉n 3
Group policy object ph畉n 3Group policy object ph畉n 3
Group policy object ph畉n 3
laonap166
Bai 05 chinh sach nhom
Bai 05 chinh sach nhomBai 05 chinh sach nhom
Bai 05 chinh sach nhom
Van Pham
Buoi4
Buoi4Buoi4
Buoi4
Ly hai
Cao Hoc " He Thong Thong Tin" 2011
Cao Hoc " He Thong Thong Tin" 2011Cao Hoc " He Thong Thong Tin" 2011
Cao Hoc " He Thong Thong Tin" 2011
Ly hai
Active Directory Cau Hinh D N S
Active Directory Cau Hinh D N SActive Directory Cau Hinh D N S
Active Directory Cau Hinh D N S
Ly hai
D:\14\Luanvanpm
D:\14\LuanvanpmD:\14\Luanvanpm
D:\14\Luanvanpm
Ly hai
Buoi1
Buoi1Buoi1
Buoi1
Ly hai
Giao trinh phan cung
Giao trinh phan cung Giao trinh phan cung
Giao trinh phan cung
Ly hai
Active Directory Cau Hinh D N S
Active Directory Cau Hinh D N SActive Directory Cau Hinh D N S
Active Directory Cau Hinh D N S
Ly hai
Hung dan cai dat va su dung dot netnuke5.x
Hung dan cai dat va su dung dot netnuke5.xHung dan cai dat va su dung dot netnuke5.x
Hung dan cai dat va su dung dot netnuke5.x
Ly hai
B坦 Hoa T狸Nh Ban Pl
B坦 Hoa T狸Nh Ban PlB坦 Hoa T狸Nh Ban Pl
B坦 Hoa T狸Nh Ban Pl
Ly hai
Nh畉p m担n JavaScript
Nh畉p m担n JavaScriptNh畉p m担n JavaScript
Nh畉p m担n JavaScript
Ly hai
Buoi3
Buoi3Buoi3
Buoi3
Ly hai
Phan1 gioithieu
Phan1 gioithieuPhan1 gioithieu
Phan1 gioithieu
Ly hai
Hephantan
HephantanHephantan
Hephantan
Ly hai
Detai Nl3 0809
Detai Nl3 0809Detai Nl3 0809
Detai Nl3 0809
Ly hai
Ktmt kt c1_c2
Ktmt kt c1_c2Ktmt kt c1_c2
Ktmt kt c1_c2
Ly hai
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
Ly hai
Bai giang asp.net full
Bai giang asp.net fullBai giang asp.net full
Bai giang asp.net full
Ly hai
De Cuong Thuc Hanh Mang May Tinh
De Cuong Thuc Hanh Mang May TinhDe Cuong Thuc Hanh Mang May Tinh
De Cuong Thuc Hanh Mang May Tinh
Ly hai
Install Win2 K3 Server
Install Win2 K3 ServerInstall Win2 K3 Server
Install Win2 K3 Server
Ly hai
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛tTi li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ly hai
Ph但n t鱈ch v thi畉t k畉 HTTT
Ph但n t鱈ch v thi畉t k畉 HTTTPh但n t鱈ch v thi畉t k畉 HTTT
Ph但n t鱈ch v thi畉t k畉 HTTT
Ly hai
Bai1 Mang truyen so lieu va chuan hoa
Bai1 Mang truyen so lieu va chuan hoaBai1 Mang truyen so lieu va chuan hoa
Bai1 Mang truyen so lieu va chuan hoa
Ly hai
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tinPh但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
huynhle1990
Gpo
GpoGpo
Gpo
it
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
MasterCode.vn

More Related Content

Viewers also liked (20)

D:\14\Luanvanpm
D:\14\LuanvanpmD:\14\Luanvanpm
D:\14\Luanvanpm
Ly hai
Buoi1
Buoi1Buoi1
Buoi1
Ly hai
Giao trinh phan cung
Giao trinh phan cung Giao trinh phan cung
Giao trinh phan cung
Ly hai
Active Directory Cau Hinh D N S
Active Directory Cau Hinh D N SActive Directory Cau Hinh D N S
Active Directory Cau Hinh D N S
Ly hai
Hung dan cai dat va su dung dot netnuke5.x
Hung dan cai dat va su dung dot netnuke5.xHung dan cai dat va su dung dot netnuke5.x
Hung dan cai dat va su dung dot netnuke5.x
Ly hai
B坦 Hoa T狸Nh Ban Pl
B坦 Hoa T狸Nh Ban PlB坦 Hoa T狸Nh Ban Pl
B坦 Hoa T狸Nh Ban Pl
Ly hai
Nh畉p m担n JavaScript
Nh畉p m担n JavaScriptNh畉p m担n JavaScript
Nh畉p m担n JavaScript
Ly hai
Buoi3
Buoi3Buoi3
Buoi3
Ly hai
Phan1 gioithieu
Phan1 gioithieuPhan1 gioithieu
Phan1 gioithieu
Ly hai
Hephantan
HephantanHephantan
Hephantan
Ly hai
Detai Nl3 0809
Detai Nl3 0809Detai Nl3 0809
Detai Nl3 0809
Ly hai
Ktmt kt c1_c2
Ktmt kt c1_c2Ktmt kt c1_c2
Ktmt kt c1_c2
Ly hai
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
Ly hai
Bai giang asp.net full
Bai giang asp.net fullBai giang asp.net full
Bai giang asp.net full
Ly hai
De Cuong Thuc Hanh Mang May Tinh
De Cuong Thuc Hanh Mang May TinhDe Cuong Thuc Hanh Mang May Tinh
De Cuong Thuc Hanh Mang May Tinh
Ly hai
Install Win2 K3 Server
Install Win2 K3 ServerInstall Win2 K3 Server
Install Win2 K3 Server
Ly hai
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛tTi li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ly hai
Ph但n t鱈ch v thi畉t k畉 HTTT
Ph但n t鱈ch v thi畉t k畉 HTTTPh但n t鱈ch v thi畉t k畉 HTTT
Ph但n t鱈ch v thi畉t k畉 HTTT
Ly hai
Bai1 Mang truyen so lieu va chuan hoa
Bai1 Mang truyen so lieu va chuan hoaBai1 Mang truyen so lieu va chuan hoa
Bai1 Mang truyen so lieu va chuan hoa
Ly hai
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tinPh但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
huynhle1990
D:\14\Luanvanpm
D:\14\LuanvanpmD:\14\Luanvanpm
D:\14\Luanvanpm
Ly hai
Buoi1
Buoi1Buoi1
Buoi1
Ly hai
Giao trinh phan cung
Giao trinh phan cung Giao trinh phan cung
Giao trinh phan cung
Ly hai
Active Directory Cau Hinh D N S
Active Directory Cau Hinh D N SActive Directory Cau Hinh D N S
Active Directory Cau Hinh D N S
Ly hai
Hung dan cai dat va su dung dot netnuke5.x
Hung dan cai dat va su dung dot netnuke5.xHung dan cai dat va su dung dot netnuke5.x
Hung dan cai dat va su dung dot netnuke5.x
Ly hai
B坦 Hoa T狸Nh Ban Pl
B坦 Hoa T狸Nh Ban PlB坦 Hoa T狸Nh Ban Pl
B坦 Hoa T狸Nh Ban Pl
Ly hai
Nh畉p m担n JavaScript
Nh畉p m担n JavaScriptNh畉p m担n JavaScript
Nh畉p m担n JavaScript
Ly hai
Buoi3
Buoi3Buoi3
Buoi3
Ly hai
Phan1 gioithieu
Phan1 gioithieuPhan1 gioithieu
Phan1 gioithieu
Ly hai
Hephantan
HephantanHephantan
Hephantan
Ly hai
Detai Nl3 0809
Detai Nl3 0809Detai Nl3 0809
Detai Nl3 0809
Ly hai
Ktmt kt c1_c2
Ktmt kt c1_c2Ktmt kt c1_c2
Ktmt kt c1_c2
Ly hai
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
H動畛ng d畉n s畛 d畛ng Mozilla Thunderbird - Mozilla Firefox - UniKey V3.0
Ly hai
Bai giang asp.net full
Bai giang asp.net fullBai giang asp.net full
Bai giang asp.net full
Ly hai
De Cuong Thuc Hanh Mang May Tinh
De Cuong Thuc Hanh Mang May TinhDe Cuong Thuc Hanh Mang May Tinh
De Cuong Thuc Hanh Mang May Tinh
Ly hai
Install Win2 K3 Server
Install Win2 K3 ServerInstall Win2 K3 Server
Install Win2 K3 Server
Ly hai
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛tTi li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ti li畛u h動畛ng d畉n s畛 d畛ng Ubuntu b畉ng ti畉ng Vi畛t
Ly hai
Ph但n t鱈ch v thi畉t k畉 HTTT
Ph但n t鱈ch v thi畉t k畉 HTTTPh但n t鱈ch v thi畉t k畉 HTTT
Ph但n t鱈ch v thi畉t k畉 HTTT
Ly hai
Bai1 Mang truyen so lieu va chuan hoa
Bai1 Mang truyen so lieu va chuan hoaBai1 Mang truyen so lieu va chuan hoa
Bai1 Mang truyen so lieu va chuan hoa
Ly hai
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tinPh但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
Ph但n t鱈ch thi畉t k畉 h畛 th畛ng th担ng tin
huynhle1990

Similar to Buoi2 (20)

Gpo
GpoGpo
Gpo
it
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
MasterCode.vn
Bi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPT
Bi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPTBi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPT
Bi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPT
MasterCode.vn
Bi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPT
Bi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPTBi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPT
Bi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPT
MasterCode.vn
Bai 04 chinh sach he thong
Bai 04 chinh sach he thongBai 04 chinh sach he thong
Bai 04 chinh sach he thong
Van Pham
T狸m hi畛u group policy object v c叩c v鱈 d畛
T狸m hi畛u group policy object v c叩c v鱈 d畛T狸m hi畛u group policy object v c叩c v鱈 d畛
T狸m hi畛u group policy object v c叩c v鱈 d畛
laonap166
Group policy cac thiet lap duoc luu nhu the nao
Group policy cac thiet lap duoc luu nhu the naoGroup policy cac thiet lap duoc luu nhu the nao
Group policy cac thiet lap duoc luu nhu the nao
Tr動畛ng Ti畛n
Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008
Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008
Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008
T炭 Cao
Nh坦M 7
Nh坦M 7Nh坦M 7
Nh坦M 7
gueste49390
B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...
B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...
B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...
L動董ng Ki棚n
Chuy棚n 畛 group policy
Chuy棚n 畛 group policyChuy棚n 畛 group policy
Chuy棚n 畛 group policy
B狸nh Tr畛ng n
Phan mem erp omega ho so nang luc
Phan mem erp omega ho so nang lucPhan mem erp omega ho so nang luc
Phan mem erp omega ho so nang luc
Phan Mem Erp Omega
Ebook drupal 7 vn
Ebook drupal 7 vnEbook drupal 7 vn
Ebook drupal 7 vn
Nh但n Ph畉m Vn
Huongdancaidat moodle 162(kco j
Huongdancaidat moodle 162(kco jHuongdancaidat moodle 162(kco j
Huongdancaidat moodle 162(kco j
Lan Nguyen
Quan ly bo nho
Quan ly bo nhoQuan ly bo nho
Quan ly bo nho
Trinh Duy Hung
Lab 14 group policy
Lab 14 group policy Lab 14 group policy
Lab 14 group policy
Pham Viet Dung
Windows server-2008tai lieu mang
Windows server-2008tai lieu mangWindows server-2008tai lieu mang
Windows server-2008tai lieu mang
Quang Tien
Windows server-2008
Windows server-2008Windows server-2008
Windows server-2008
Hate To Love
Windows server-2008
Windows server-2008Windows server-2008
Windows server-2008
Hate To Love
Ebook drupal 7 vn
Ebook drupal 7 vnEbook drupal 7 vn
Ebook drupal 7 vn
gaugauvn
Gpo
GpoGpo
Gpo
it
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
Bi 8: Tri畛n khai b畉o m畉t s畛 d畛ng ch鱈nh s叩ch nh坦m (Group policy) - Gi叩o tr狸nh...
MasterCode.vn
Bi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPT
Bi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPTBi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPT
Bi 6: Tri畛n khai h畉 t畉ng ch鱈nh s叩ch nh坦m (GP) - Gi叩o tr狸nh FPT
MasterCode.vn
Bi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPT
Bi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPTBi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPT
Bi 7: Qu畉n tr畛 ng動畛i d湛ng th担ng qua ch鱈nh s叩ch nh坦m - Gi叩o tr狸nh FPT
MasterCode.vn
Bai 04 chinh sach he thong
Bai 04 chinh sach he thongBai 04 chinh sach he thong
Bai 04 chinh sach he thong
Van Pham
T狸m hi畛u group policy object v c叩c v鱈 d畛
T狸m hi畛u group policy object v c叩c v鱈 d畛T狸m hi畛u group policy object v c叩c v鱈 d畛
T狸m hi畛u group policy object v c叩c v鱈 d畛
laonap166
Group policy cac thiet lap duoc luu nhu the nao
Group policy cac thiet lap duoc luu nhu the naoGroup policy cac thiet lap duoc luu nhu the nao
Group policy cac thiet lap duoc luu nhu the nao
Tr動畛ng Ti畛n
Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008
Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008
Tr狸nh by c叩c t叩c v畛 qu畉n l箪 Domain v畛i Windows Server 2008
T炭 Cao
Nh坦M 7
Nh坦M 7Nh坦M 7
Nh坦M 7
gueste49390
B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...
B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...
B叩o c叩o chuy棚n 畛 m畉ng -T狸m hi畛u v c畉u hinh Group policy tr棚n windows server...
L動董ng Ki棚n
Chuy棚n 畛 group policy
Chuy棚n 畛 group policyChuy棚n 畛 group policy
Chuy棚n 畛 group policy
B狸nh Tr畛ng n
Phan mem erp omega ho so nang luc
Phan mem erp omega ho so nang lucPhan mem erp omega ho so nang luc
Phan mem erp omega ho so nang luc
Phan Mem Erp Omega
Ebook drupal 7 vn
Ebook drupal 7 vnEbook drupal 7 vn
Ebook drupal 7 vn
Nh但n Ph畉m Vn
Huongdancaidat moodle 162(kco j
Huongdancaidat moodle 162(kco jHuongdancaidat moodle 162(kco j
Huongdancaidat moodle 162(kco j
Lan Nguyen
Quan ly bo nho
Quan ly bo nhoQuan ly bo nho
Quan ly bo nho
Trinh Duy Hung
Lab 14 group policy
Lab 14 group policy Lab 14 group policy
Lab 14 group policy
Pham Viet Dung
Windows server-2008tai lieu mang
Windows server-2008tai lieu mangWindows server-2008tai lieu mang
Windows server-2008tai lieu mang
Quang Tien
Windows server-2008
Windows server-2008Windows server-2008
Windows server-2008
Hate To Love
Windows server-2008
Windows server-2008Windows server-2008
Windows server-2008
Hate To Love
Ebook drupal 7 vn
Ebook drupal 7 vnEbook drupal 7 vn
Ebook drupal 7 vn
gaugauvn

More from Ly hai (14)

Lap rap va_cai_dat
Lap rap va_cai_datLap rap va_cai_dat
Lap rap va_cai_dat
Ly hai
Ci 畉t m畉ng bootroom
Ci 畉t m畉ng bootroomCi 畉t m畉ng bootroom
Ci 畉t m畉ng bootroom
Ly hai
6 he thong xuat nhap
6 he thong xuat nhap6 he thong xuat nhap
6 he thong xuat nhap
Ly hai
4 ky thuat xu ly tt
4 ky thuat xu ly tt4 ky thuat xu ly tt
4 ky thuat xu ly tt
Ly hai
3 To chuc bo vi xu ly
3 To chuc bo vi xu ly3 To chuc bo vi xu ly
3 To chuc bo vi xu ly
Ly hai
2 kien truc phan mem
2 kien truc phan mem2 kien truc phan mem
2 kien truc phan mem
Ly hai
1 Tong quan m叩y t鱈nh
1 Tong quan m叩y t鱈nh1 Tong quan m叩y t鱈nh
1 Tong quan m叩y t鱈nh
Ly hai
7 can ban assembly
7 can ban assembly7 can ban assembly
7 can ban assembly
Ly hai
5 bo nho may tinh
5 bo nho may tinh5 bo nho may tinh
5 bo nho may tinh
Ly hai
Phan2 chuong8 chuoikitu
Phan2 chuong8 chuoikituPhan2 chuong8 chuoikitu
Phan2 chuong8 chuoikitu
Ly hai
Phan2 chuong6 mang
Phan2 chuong6 mangPhan2 chuong6 mang
Phan2 chuong6 mang
Ly hai
Phan2 chuong5 ctrinhcon
Phan2 chuong5 ctrinhconPhan2 chuong5 ctrinhcon
Phan2 chuong5 ctrinhcon
Ly hai
Phan2 chuong4 caclenhcautruc
Phan2 chuong4 caclenhcautrucPhan2 chuong4 caclenhcautruc
Phan2 chuong4 caclenhcautruc
Ly hai
Phan2 chuong1 gioithieu_c
Phan2 chuong1 gioithieu_cPhan2 chuong1 gioithieu_c
Phan2 chuong1 gioithieu_c
Ly hai
Lap rap va_cai_dat
Lap rap va_cai_datLap rap va_cai_dat
Lap rap va_cai_dat
Ly hai
Ci 畉t m畉ng bootroom
Ci 畉t m畉ng bootroomCi 畉t m畉ng bootroom
Ci 畉t m畉ng bootroom
Ly hai
6 he thong xuat nhap
6 he thong xuat nhap6 he thong xuat nhap
6 he thong xuat nhap
Ly hai
4 ky thuat xu ly tt
4 ky thuat xu ly tt4 ky thuat xu ly tt
4 ky thuat xu ly tt
Ly hai
3 To chuc bo vi xu ly
3 To chuc bo vi xu ly3 To chuc bo vi xu ly
3 To chuc bo vi xu ly
Ly hai
2 kien truc phan mem
2 kien truc phan mem2 kien truc phan mem
2 kien truc phan mem
Ly hai
1 Tong quan m叩y t鱈nh
1 Tong quan m叩y t鱈nh1 Tong quan m叩y t鱈nh
1 Tong quan m叩y t鱈nh
Ly hai
7 can ban assembly
7 can ban assembly7 can ban assembly
7 can ban assembly
Ly hai
5 bo nho may tinh
5 bo nho may tinh5 bo nho may tinh
5 bo nho may tinh
Ly hai
Phan2 chuong8 chuoikitu
Phan2 chuong8 chuoikituPhan2 chuong8 chuoikitu
Phan2 chuong8 chuoikitu
Ly hai
Phan2 chuong6 mang
Phan2 chuong6 mangPhan2 chuong6 mang
Phan2 chuong6 mang
Ly hai
Phan2 chuong5 ctrinhcon
Phan2 chuong5 ctrinhconPhan2 chuong5 ctrinhcon
Phan2 chuong5 ctrinhcon
Ly hai
Phan2 chuong4 caclenhcautruc
Phan2 chuong4 caclenhcautrucPhan2 chuong4 caclenhcautruc
Phan2 chuong4 caclenhcautruc
Ly hai
Phan2 chuong1 gioithieu_c
Phan2 chuong1 gioithieu_cPhan2 chuong1 gioithieu_c
Phan2 chuong1 gioithieu_c
Ly hai

Buoi2

  • 1. 丹 C働NG TH C T P QU N TR H TH NG V M NG MY TNH BU I 2 : CHNH SCH NHM (GROUP POLICY) 1. KHI NI M - Ch鱈nh s叩ch nh坦m: l t p c叩c thi t 単 nh c u h狸nh m叩y t鱈nh v ng動 i d湛ng. N坦 単動 c li棚n k t 単 n m叩y t鱈nh (Computer), 単 a bn (site), mi n (domain) v 単董n v t ch c (OU) 単 thi t l p c u h狸nh t叩c 単 ng l棚n c叩ch hnh x c a ng動 i d湛ng. - V鱈 d : Vi c s d ng ch鱈nh s叩ch nh坦m, ch炭ng ta c坦 th thi t l p nh ng ch動董ng tr狸nh ng d ng no ng動 i d湛ng c坦 th s d ng, ch動董ng tr狸nh ng d ng no xu t hi n mn h狸nh n n v trong menu Start. 2. CNG VI C C TH TH C HI N TRONG CHNH SCH NHM - Ph叩t hnh ho c ph但n b c叩c g坦i ph n m m cho c叩c ng動 i d湛ng ho c m叩y. - Ph但n b k ch b n kh i t o (Start-up), t t m叩y (shutdown), 単ng nh p (logon), v 単ng xu t (logoff). - Quy 単 nh c叩c ch鱈nh s叩ch m t kh u, kh坦a ch t ti kho n v ki m to叩n cho mi n. - Quy 単 nh v 叩p 単 t nh ng th担ng s thi t 単 nh dnh cho Internet Explorer. - Quy 単 nh v 叩p 単 t nh ng h n ch tr棚n c叩c m叩y desktop c a ng動 i d湛ng. 3. 丹 I T働 NG CHNH SCH NHM (GROUP POLICY OBJECT - GPO) - C叩c 単 i t動 ng ch鱈nh s叩ch nh坦m (Group Policy Object) l t p c叩c thi t 単 nh ch鱈nh s叩ch nh坦m. M i m叩y t鱈nh Microsoft Windows XP, 2003 単i u c坦 m t 単 i t動 ng ch鱈nh s叩ch nh坦m c c b (Local GPO). - M t 単 i t動 ng ch鱈nh s叩ch nh坦m c c b 単動 c l動u tr tr棚n m i m叩y t鱈nh ch ra r ng m叩y t鱈nh 単坦 c坦 thu c m t m i tr動 ng Active Directory ho c m担i tr動 ng m ng. - C叩c thi t l p c a 単 i t動 ng ch鱈nh s叩ch nh坦m c c b c坦 th b lo i b b i nh ng ch鱈nh s叩ch kh担ng c c b ( NonLocal GPO). 丹 i t動 ng ch鱈nh s叩ch c c b l 単 i t動 ng 鱈t nh h動 ng nh t n u m叩y t鱈nh 単ang trong m担i tr動 ng Active Directory. - C叩c 単 i t動 ng ch鱈nh s叩ch kh担ng c c b 単動 c li棚n k t v i c叩c 単 i t動 ng trong Active Directory (site, domain, OU) v c坦 th 単動 c 叩p d ng cho ng動 i d湛ng ho c m叩y t鱈nh. 丹 s d ng c叩c ch鱈nh s叩ch nh坦m kh担ng c c b , ch炭ng ta ph i c坦 m叩y t鱈nh th c thi Microsoft Windows 2003 Server 単坦ng vai tr嘆 l m t domain controller. 4. THE GROUP POLICY SNAP-IN A Microsoft Management Console (MMC) snap-in 単動 c s d ng 単 t ch c v qu n tr thi t l p ch鱈nh s叩ch nh坦m trong m i GPO. Snap-in cho 単 i t動 ng m c nhi棚n GPO trong Domain Controllers nh動 sau : 16
  • 2. 5. KH I T O LOCAL GROUP POLICY SNAP-IN T Menu StartRun. Nh p l nh GPEDIT.MSC 17
  • 3. 6. KH I T O GPO T ACTIVE DIRECTORY USERS AND COMPUTERS Ch n Active Directory Users and Computers. Nh p ph i tr棚n domain ho c OU m b n mu n 叩p 単 t ch鱈nh s叩ch nh坦m, ch n Properties. Ch n tab Group Policy, Ch n m t GPO trong danh s叩ch, ch n Edit. (Ho c nh p New 単 t o m t GPO m i, sau 単坦 ch n Edit.) 7. CC THI T 丹 NH TRONG GROUP POLICY C叩c thi t 単 nh v Ch鱈nh s叩ch nh坦m 単動 c ch a trong 単 i t動 ng ch鱈nh s叩ch v quy t 単 nh m担i tr動 ng lm vi c c a ng動 i d湛ng: Computer configuration settings: 単動 c s d ng 単 thi t l p ch鱈nh s叩ch nh坦m cho m叩y t鱈nh, b t lu n ng動 i d湛ng no 単ng nh p vo m叩y t鱈nh. Computer configuration settings 単動 c thi t l p khi m叩y t鱈nh kh i 単 ng. User configuration settings: 単動 c s d ng 単 thi t l p ch鱈nh s叩ch nh坦m cho ng動 i d湛ng, b t lu n m叩y t鱈nh no ng動 i d湛ng 単ng nh p vo. User configuration settings 単動 c thi t l p khi ng動 i d湛ng 単ng nh p vo h th ng. C computer configuration settings v user configuration settings 単 u ch a 単 ng Software Settings, Windows Settings, and Administrative Templates. 8. SOFTWARE SETTINGS C trong computer configuration v user configuration, Software Settings ch ch a Software Installation. Software Installation settings tr gi炭p ch炭ng ta thi t 単 nh c叩c ph n m m 単動 c ci 単 t v b o tr狸 nh動 th no trong h th ng. Ch炭ng ta c坦 th qu n tr m t ng d ng trong m t GPO m n坦 単動 c g n v i m t Active Directory container: site, domain or OU. ng d ng c坦 th qu n tr b i m t trong 2 ch 単 : ph但n b (Assigned) ho c qu ng b叩 (Published). 18
  • 4. 9. WINDOWS SETTINGS C computer configuration v user configuration, Windows Settings 単 u ch a Scripts v Security Settings. Scripts cho ph辿p ch炭ng ta thi t l p hai lo i scripts: startup/shutdown v logon/logoff. Startup/shutdown scripts s 単動 c th c thi l炭c startup ho c shutdown. Logon/logoff scripts 単動 c th c thi khi ng動 i d湛ng 単ng nh p ho c 単ng xu t. Security Settings cho ph辿p security administrator thi t l p c叩c m c b o m t 単動 c g叩n cho local ho c nonlocal GPO. Ch c坦 trong user configuration, Windows Settings c坦 ch a group policy settings cho Internet Explorer Maintenance, Remote Installation Services, and Folder Redirection. 10. ADMINISTRATIVE TEMPLATES Trong c hai computer and user configurations, Administrative Templates ch a t t c registry-based group policy settings, g m nh ng thi t 単 nh cho Windows Components, System v Network. Windows Components cho ph辿p ch炭ng ta qu n tr thnh ph n c a Windows g m NetMeeting, Internet Explorer, Windows Explorer, Microsoft Management Console, Task Scheduler v Windows Installer. System 単動 c s d ng 単 単i u khi n ch c nng logon v logoff v group policy. Network cho ph辿p thi t l p cho Offline Files v Network and Dial-Up Connections. 丹 i v i Computer Configuration, Administrative Templates ch a 単 ng thi t 単 nh ch鱈nh s叩ch nh坦m cho m叩y in, System Settings ch a Disk Quotas, Domain Name System (DNS) Client v Windows File Protection. 丹 i v i User Configuration, Administrative Templates g m nh ng thi t 単 nh nh動 Start Menu & Taskbar, Desktop, v Control Panel. 19
  • 5. 11. CHNH SCH NHM 丹働 C TH C HI N NH働 NO a. Local GPO. M i MS Windows XP, 2003 c坦 duy nh t m t GPO c c b . b. Site GPO. B t k畛 GPO n i k t v i Site 単i u 単動 c th c hi n m t c叩ch 単 ng b . Nh qu n tr c坦 th c th h坦a th t GPO n i k t vo site. c. Domain GPO. C叩c GPOs n i k t v i domain s 単動 c th c thi 単 ng b . Nh qu n tr c坦 th c th h坦a th t GPO n i k t vo domain. d. OU GPO. GPO 単動 c n i k t v i OU b c cao h董n trong Active Directory s 単動 c th c hi n tr動 c, sau 単坦 単 n GPO trong OU con. Cu i c湛ng, GPO n i 単 n OU ch a user ho c computer 単動 c th c thi. N u m t s GPO n i v i OU, n坦 s 単動 c th c thi 単 ng b theo tr狸nh t 単動 c thi t l p b i nh qu n tr . 12. TNH TH A K TRONG CHNH SCH NHM T ng qu叩t, ch鱈nh s叩ch nh坦m 単動 c th c hi n t cha 単 n con Tuy nhi棚n, n u ch炭ng ta 単 nh ngh挑a ch鱈nh s叩ch nh坦m cho con th狸 ch鱈nh s叩ch nh坦m ny s 単竪 l棚n ch鱈nh s叩ch nh坦m 単動 c th a k t cha N u m t OU cha kh担ng 単動 c thi t l p ch鱈nh s叩ch nh坦m th狸 con c a n坦 kh担ng th a k N u ch鱈nh s叩ch nh坦m c a cha v con kh担ng xung 単 t, th狸 con s th a k ch鱈nh s叩ch cha v th c thi n ch鱈nh s叩ch c a ch鱈nh n坦 N u ch鱈nh s叩ch nh坦m c a cha v con xung 単 t, con s kh担ng th a k ch鱈nh s叩ch t cha. Ch鱈nh s叩ch c a con s 単動 c 叩p d ng 13. M T S NGO I L TH T CHNH SCH NHM M叩y t鱈nh l thnh vi棚n c a nh坦m lm vi c (Workgroup) th狸 ch th c thi ch鱈nh s叩ch nh坦m c c b th担i. Block Policy Inheritance: Kh担ng k th a ch鱈nh s叩ch nh坦m t cha. No Override: Kh担ng cho ph辿p ch鱈nh s叩ch nh坦m kh叩c ch ng l棚n ch鱈nh s叩ch nh坦m hi n h u. Khi No Override ny 単動 c b t l棚n c p mi n (domain) th狸 Block Policy Inheritance 単動 c b t l棚n c p OU s b v担 hi u h坦a. N u m t 単 i t動 ng c坦 nhi u ch鱈nh s叩ch nh坦m, th狸 th t th c hi n ch鱈nh s叩ch nh坦m l t d動 i l棚n GPO s 単動 c th c hi n theo c u tr炭c th b c trong Active Directory: local GPO, site GPO, domain GPO, v OU GPO. Tuy nhi棚n th t m c nhi棚n ny c坦 th thay 単 i b ng t湛y ch n Block Policy Inheritance, No Override 14. CH N L C (FILTER) CHNH SCH NHM Ch鱈nh s叩ch trong c叩c GPO ch nh h動 ng 単 n nh ng ng動 i d湛ng 単動 c ph辿p 単 c n坦. Ch炭ng ta c坦 th l c l i ph m vi nh h動 ng c a ch鱈nh s叩ch nh坦m trong GPO 単 n nh坦m ng動 i d湛ng th担ng qua vi c g叩n quy n. Do 単坦, ch炭ng ta c坦 th ngn kh担ng cho ch鱈nh s叩ch nh坦m t叩c 単 ng l棚n m t nh坦m no 単坦 b ng c叩ch c m 叩p d ng ch鱈nh s叩ch nh坦m. 20
  • 6. PH M VI GPO THI T L P QUY N K T QU Thnh vi棚n c a Thi t l p Apply Group- GPO s 単動 c 叩p d ng l棚n thnh vi棚n nh坦m 叩p d ng Policy (AGP) l Allow. nh坦m tr khi Apply Group Policy l Deny GPO Thi t l p Read l Allow ho c Read l Deny ho c c hai Thnh vi棚n c a Thi t l p AGP l Deny Ch鱈nh s叩ch nh坦m kh担ng 単動 c 叩p d ng nh坦m kh担ng 叩p Thi t l p Read l Deny tr棚n nh坦m ny d ng GPO ny Thnh vi棚n trong Thi t l p AGP ho c l M i ng動 i d湛ng c坦 th thu c nhi u nh坦m, nh坦m kh担ng ch c Allow ho c Deny ch鱈nh s叩ch ch 叩p d ng cho ng動 i d湛ng c坦 l c坦 叩p d ng Thi t l p Read l Allow AGP l Allow v Read l Allow ch鱈nh s叩ch nh坦m ho c Deny 15. T O 丹 I T働 NG CHNH SCH NHM (GPO) Click StartProgramsAdministrative ToolsActive Directory Users and Computers Click ph i chu t ch n OU Sales, ch n Properties. Ch n tab Group Policy Click New, 単 t t棚n GPO l Sales GPO Double click Sales GPO (ho c click ch n Edit) 21
  • 7. Trong User Configuration, ch n Administrative Templates. Trong Administrative Templates ch n Start Menu and Taskbar Start Menu and Taskbar double click ch n thi t 単 nh Remove Network Connections from Start Menu 22
  • 8. Ch n Enabled, click Apply, click OK T動董ng t , trong Control Panel, b t (enabled) thi t 単 nh Prohibit access to Control Panel Trong Desktop, b t thi t 単 nh Remove Recycle Bin icon from desktop 丹坦ng GPO li棚n k t v i Sales l i. Click OK 単坦ng h p tho i GPO c a Sales l i 16. T O CONSOLE CHO GPO Click StartRun. Nh p l nh MMC. OK Click File, ch n Add/Remove Snap-in 23
  • 9. Click Add, ch n Group Policy Editor, click Add 24
  • 11. Double click ch n Sales.ctu.edu.vn Ch n Sales GPO, click OK 26
  • 12. Click Finish, click Close. Click OK Click menu File, ch n Save in. 丹 t t棚n Sales GPO. 27
  • 13. Click Start/Programs/Administrative Tools 単 ki m tra xem Sales GPO 単達 t n t i ch動a ? 17. C P QUY N Allow log on locally CHO NHM Domain Users. Click Start/Programs/Administrive Tools/Domain Controller Security Policy Ch n Local Policies/User Rights Assignment Double click ch n Allow log on locally Click Add User or Group Ch n Browse, ch n Advanced Click Find Now. T狸m nh坦m Domain Users, double click ch n Domain Users. Click OK. Click OK. Click Apply. Click OK. Restart domain controller. 丹ng nh p vo b ng c叩c ti kho n trong Sales : pctrinh, dtdiem 単 ki m tra xem c叩c thi t 単 nh GPO c坦 ho t 単 ng kh担ng ? 18. LIN K T GPO M c nhi棚n, m t GPO s 単動 c li棚n k t 単 n domain, site, OU 単動 c ch n trong MMC khi n坦 t o ra. V狸 th , GPO ch 叩p d ng tr棚n c叩c 単 i t動 ng 単坦 th担i. Mu n s d ng GPO cho c叩c 単 i t動 ng kh叩c, ta ph i t o th棚m li棚n k t trong GPO 28
  • 14. Li棚n k t GPO c a OU Sales v i OU Marketing : 丹ng nh p vo b 単i u khi n mi n b ng ti kho n Administrator Th c thi Active Directory Users and Computers, click ph i chu t vo OU Marketing. Ch n Properties. Ch n tab Group Policy. Click Add. 29
  • 15. Click tab All, ch n Sales GPO 30
  • 16. 31
  • 17. 19. CH N L C CHNH SCH NHM V I NHM NG働 I DNG Khi ch炭ng ta t o ra GPO trong site, domain, OU th狸 nh ng ti kho n ng動 i d湛ng trong site, domain, OU s ch u t叩c 単 ng c a c叩c thi t 単 nh trong GPO 単坦. N u mu n c叩c thi t 単 nh kh担ng t叩c 単 ng l棚n c叩c ti kho n ng動 i d湛ng trong nh ng tr動 ng h p 単 c bi t, ch炭ng ta th動 ng t o ra m t nh坦m ng動 i d湛ng sau 単坦 単動a c叩c ti kho n ng動 i d湛ng lm thnh vi棚n c a nh坦m ny. Sau 単坦 thi t l p quy n Read v Apply Group Policy cho nh坦m ny l Deny T o nh坦m GVIP 丹動a ti kho n ng動 i d湛ng pctrinh trong OU Sales v hxhuong trong OU Marketing lm thnh vi棚n c a nh坦m GVIP. M Console c a Sales GPO, c p quy n truy c p Read, Apply Group Policy cho nh坦m GVIP l Deny 32
  • 18. Log off ti kho n Administrator L n l動 t 単ng nh p b ng c叩c ti kho n pctrinh, dtdiem, thdao, hxhuong 単 ki m tra. So s叩nh gi a ti kho n pctrinh, hxhuong v i dtdiem, thdao. Gi i th鱈ch ? 33
AboutCopyright
息 2025 際際滷