Group Policy
1. It is used for centralized management and configuration of OS, applications and users’ settings
2. A collection or group of these settings are called group policy objects
The types of Group Policy:
1. Local Group Policy Objects
2. Nonlocal Group Policy Objects
Local Group Policy Objects
1. It is a group policy for standalone client
2. It can apply on domain and non-domain client
3. It is suitable for non-domain environment
Non-local Group Policy Objects
1. It is a group policy for domain client
2. It can apply on OU, security group, sites and domains
How to edit Local Group Policy
1. We uses “Local Group Policy Editor” to edit local group policy
2. We need “Local Administrator” permission to edit local group policy
3. Press Windows Key + “R” key to open “Run dialog box”
4. Type “gpedit.msc” and click “OK” to open Local Group Policy Editor
How to edit Group Policy
1. We uses “Group Policy Management Console (GPMC)” to edit group policy
2. We need “Domain Administrators” permission to edit group policy
3. Press Windows Key + “R” key to open “Run dialog box”
4. Type “gpmc.msc” and click “OK” to open GPMC
How to export and import Local Group Policy
1. We uses LGPO.exe to export and import Local Group Policy
2. LGPO.exe is included in “Microsoft Security Compliance Toolkit“
Parse a Registry.pol to LGPO text file
1. “registry.pol” is a documented, binart file format
2. There are 2 “registry.pol”
3. registry.pol of User group policy stores in the “User” folder
4. registry.pol of Computer group polic stores in the “Machine” folder
Where can view the full list of group policy
1. From the third-party Website: Group Policy Search
2. From the official Excel Sheet: Group Policy Settings Reference for Windows and Windows Server
