Search

Non-Local Group Policy

Nonlocal Group Policies are created in Active Directory and they can be linked to an Active Directory site, Active Directory Domain, or an Organizational unit (OU) in order to be applied to either Active Directory users or Active Directory computers. Active Directory should be installed and working in your network to work with Non-Local Group Policies.

By default, when Active Directory directory service is set up, two nonlocal GPOs are created:

Default Domain Policy: Default Domain Policy is linked to the domain, and it affects all users and computers in the domain including the domain controllers through Group Policy inheritance.

Default Domain Controllers Policy: Default Domain Controllers Policy is linked to the Domain Controllers Organizational unit (OU), and it affects Domain Dontrollers in your Active Directory Domain. You can see that all the Domain Controllers are placed in "Domain Controllers" Organizational unit (OU). You can open Default Domain Policy and Default Domain Controllers Policy from Administrative Tools.

Group Policies are stored both within the Active Directory database and inside the SYSVOL volume in domain controllers. The following are the main points you should remember while working with GPOs.

• A Group Policy Object (GPO) that is linked to an Organizational unit (OU) will apply to all objects in the Organizational unit (OU).

• A Group Policy Object (GPO) that is linked to an Active Directory Domain will apply to all objects in the Domain.

• A Group Policy Object (GPO) that is linked to an Active Directory Site will apply to all objects in the Site.

Related Tutorials