Admin911: Wwindows 2000 Group Policy


The survival guide for system administrators!"Call on Admin911 to learn what's going on with your network, to understand your options, and to pick the right solutions." —David Chernicoff, Windows 2000 Magazine
Read More Show Less
... See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (6) from $1.99   
  • New (1) from $31.99   
  • Used (5) from $1.99   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any coupons and promotions
Seller since 2008

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.


Ships from: fallbrook, CA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Sort by
Sending request ...


The survival guide for system administrators!"Call on Admin911 to learn what's going on with your network, to understand your options, and to pick the right solutions." —David Chernicoff, Windows 2000 Magazine
Read More Show Less

Product Details

  • ISBN-13: 9780072129489
  • Publisher: McGraw-Hill Companies, The
  • Publication date: 11/10/2000
  • Series: Admin911 Series
  • Pages: 480
  • Product dimensions: 7.38 (w) x 9.20 (h) x 1.31 (d)

Read an Excerpt

Chapter 1: Managing Windows 2000 with Group Policy

Group Policy is the primary component of Windows 2000's implementation of Change and Configuration Management (CCM) and is the primary mechanism for establishing uniform, effective security policies within Windows 2000 domains. Group Policy replaces Windows NT's system policy for client administration and desktop lockdown of workstations running Windows 2000 Professional.

CCM includes IntelliMirror features (user settings and data management, and software installation and management) and remote operating system installation. Group Policy Objects (GPOs), stored in Active Directory (AD), and the File Replication Service (FRS), which replicates Group Policy Templates (GPTs), provide the infrastructure for CCM. Group Policy Extensions to GPOs apply security settings, specify logon and other scripts and configure automatic installation of Windows 2000-compatible application software.

If you hope to achieve any long-term economic benefit by upgrading to Windows 2000 from Windows NT, NetWare, or both, you must implement Group Policy. The consensus of industry analysts, such as GartnerGroup and Giga Information Group, is that a return on an upgrade investment depends entirely on your implementation of effective policy management.

Windows 2000 Server and its upscale derivatives, such as Advanced Server and Datacenter Server, have wizards to aid administrators in setting up new features, such as AD, Dynamic DNS, and Virtual Private Networks that run L2TP over IPSec. You won't find a "Group Policy Wizard" in Windows 2000 Server. Group Policy is one of the most complex and, in many respects, counterintuitive features of Windows2000; if any component of Windows 2000 deserves a wizard, it's Group Policy. The absence of built-in assistance for establishing a logical and consistent set of CCM policies is one of the primary reasons for the existence of this book.

You can't escape Group Policy in a Windows 2000 domain. When you use Dcpromo.exe to create your first Windows 2000 Domain Controller (DC) during a clean installation or an upgrade of a Windows NT PDC, the AD promotion process establishes a Default Domain Policy that applies to all Windows 2000 computers and users in the domain. DCs in AD's Domain Controllers organizational unit (OU) receive Default Domain Controllers Policy. The default policies represent only the starting point of the Group Policy journey. In particular, the basic domain and DC security policies are grossly inadequate for a production network. Default local security settings for workstations and member servers contribute to weak security. The first Group Policy management example in this chapter describes how to increase your domain security level.

Comparing Group Policy with Windows NT System Policy

The immediate ancestors of Group Policy are Windows NT and 9x system policy files, Ntconfig.pol and Config.pol, respectively, that you author with the Policy Editor (Poledit.exe). These files, which load from the PDC's or BDC's Netlogon share during the client logon process, alter settings in the client's HKEY LOCAL MACHINE (HKLM) and HKEY CURRENT_USER (HKCU) Registry hives. If you've implemented (or tried to implement) system policy in a Windows NT 4.0 network, you'll appreciate Group Policy's substantial improvements to system policy's rudimentary CCM features. System policies are an element of the oxymoronic Zero Administration for Windows (ZAW) initiative that Microsoft announced in October 1996. The original ZAW press release ( promised the following features:

Automatic system update and application installation The operating system will update itself when the computer is booted, without user intervention, seeking the latest necessary code and drivers from a server, intranet, or the Internet, if available. The Automatic Desktop feature will provide users with all available applications, installing them automatically when invoked.

All state kept on server Users' data can be automatically "reflected" to servers, ensuring high availability and allowing mobile users to have access to information whether connected to the network or not. Additionally, users will be able to roam between PCs while maintaining full access to their data, applications, and customized environments.

Central administration and system lockdown All aspects of client systems will be controllable by a central administrator across the network. In a few simple steps, the system can be "locked down" to maintain controlled, consistent, and secure configurations across sets of users. The degree of flexibility can be altered on a per-user basis by the central administrator, without having to change hardware and software...

Read More Show Less

Table of Contents

Managing Windows 2000 with Group Policy. Optimizing Active Directory Topology for Group Policy. Designing Security Group Structures for Group Policy Filtering. Supporting IntelliMirror Features. Enforcing Local Computer Policies. Applying Policies at the Site and Domain Levels. Customizing Policies at the OU Level. Conforming System Policies on Downlevel Clients. Deploying Group Policies to Production Domains. Group Policy Reference. Using the GroupPol Application to Create Active Directory Objects. Closing Windows Nt Domains with the Active Directory Migration Tool (ADMT).
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)