In this article, we will show how to install software on user computers in an Active Directory domain using GPO. The built-in Windows GPO features allow you to deploy programs…
By default, when you create new Active Directory users, they are automatically added to the Domain Users group. In its turn, the Domain Users group is added to the local…
GPO logon scripts allow you to run a BAT or PowerShell script at computer startup or user logon/logoff. In some cases, an administrator wants a particular script (command/program) to be…
The primary tool to manage Group Policy Objects (GPOs) in an Active Directory domain is the graphic Group Policy Management Console (GPMC.msc). In order to automate and improve the performance…
You can use Microsoft Office administrative templates (ADMX) to centrally manage the settings of MS Office programs (Word, Excel. Outlook, Visio, PowerPoint, etc.) in the Active Directory domain using Group…
The Group Policy Central Store is located in the SYSVOL directory on the domain controllers, replicated between them, and used to store ADMX/ADML GPO template files used to manage Active…
You can store various useful information in the description of computer objects in Active Directory. For example, information about the computer model, hardware inventory, or the last logged-on username. In…
If you see The sign-in method is not allowed error when trying to logon Windows, it means that the resulting Group Policy settings prevent local sign-in for a current user…
All Windows versions have a built-in feature for automatically updating root certificates from the Microsoft websites. MSFT, as part of the Microsoft Trusted Root Certificate Program, maintains and publishes a…
In this GPO troubleshooting guide, I’ll try to tell you about the typical reasons why a certain Group Policy Object (GPO) might not apply to an organizational unit (OU) or…