Scribd Logo
Upload

Welcome to Scribd!

  • Windows Group Policy Interview Questions and Answers - Windowstricks

    Uploaded by

    rcbhavsar4402
    90 views4 pages
    Windows GPO interview questions

    Original Title

    Windows Group Policy Interview Questions and Answers – Windowstricks

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Windows GPO interview questions

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    90 views4 pages

    Windows Group Policy Interview Questions and Answers - Windowstricks

    Uploaded by

    rcbhavsar4402
    Windows GPO interview questions

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    3/10/2017 WindowsGroupPolicyInterviewQuestionsandAnswerswindowstricks.

    in

    windowstricks.in
    it's all about windows technology

    Windows Group Policy Interview Questions and Answers


    By mail2spi2014 | July 7, 2009 0 Comment

    Will share Collection on Windows group policy interview


    question with details answers, start with simple L1
    questions and continue to L3 questions

    What are group policies?

    Group policies specify how programs, network resources,


    and the operating system work for users and computers in
    an organization. They are collections of user and computer
    conguration settings that are applied on the users and
    computers (not on groups). For better administration of
    group policies in the Windows environment, the group
    policy objects (GPOs) are used.

    What is GPO?

    Group policy object (GPO) is a collection of group policy settings. It can be created using a Windows utility known as
    the Group Policy snap-in. GPO aects the user and computer accounts located in sites, domains, and organizational
    units (OUs). The Windows 2000/2003 operating systems support two types of GPOs, local and non-local (Active
    Directory-based) GPOs.

    What is Local GPOs/policy?

    Local GPOs are used to control policies on a local server running Windows 2000/2003 Server. On each Windows
    2000/2003 server, a local GPO is stored. The local GPO aects only the computer on which it is stored. By default, only
    Security Settings nodes are congured. The rest of the settings are either disabled or not enabled. The local GPO is
    stored in the %systemroot%SYSTEM32GROUPPOLICY folder.

    What is Non-local Policy?

    Non-local GPOs are used to control policies on an Active Directory-based network. A Windows 2000/2003 server needs
    to be congured as a domain controller on the network to use a non-local GPO. The non-local GPOs must be linked to a
    site, domain, or organizational unit (OU) to apply group policies to the user or computer objects. The non-local GPOs
    are stored in %systemroot%SYSVOLPOLICIESADM, where is the GPOs globally unique identier. Two non-local GPOs
    are created by default when the Active Directory is installed:
    1. Default Domain Policy: This GPO is linked to the domain and it aects all users and computers in the domain.
    2. Default Domain Controllers Policy: This GPO is linked to the Domain Controllers OU and it aects all domain

    http://www.windowstricks.in/2009/07/grouppolicies.html 1/4
    3/10/2017 WindowsGroupPolicyInterviewQuestionsandAnswerswindowstricks.in

    controllers placed in this OU.


    Multiple GPOs

    GPO Applyorder

    When multiple group policy objects are assigned, the group policies are applied in the following order:

    The local group policy object is applied rst


    Then, the group policy objects linked to sites are applied
    If multiple GPOs exist for a site, they are applied in the order specied by an administrator
    GPOs linked to the domains are applied in the specied order
    Finally, GPOs linked to OUs are applied
    The OU group policy objects are set from the largest to the smallest organizational unit, i.e., rst the parent OU and
    then the child OU.
    By default, a policy applied later overwrites a policy that was applied earlier. Hence, the settings in a child OU can
    override the settings in the parent OU
    Group policy settings are cumulative if they are compatible with each other. In case they conict with each other, the
    GPO processed later takes precedence.

    What isNo Override?Block Policy Inheritance?

    The following are the exceptions with regard to the above-mentioned settings:

    No Override:

    Any GPO can be set to No Override. If the No Override conguration is set to a GPO, no policy congured in the GPO
    can be overridden. If more than one GPO has been set to No Override, then the one that is the highest in the Active
    Directory hierarchy takes precedence

    Block Policy Inheritance:

    30% 30% 49% 24% 30% 20% 20%

    The Block Policy Inheritance option can be applied to the site, domain, or OU. It deects all group policy settings that
    reach the site, domain, or OU from the object higher in the hierarchy. However, the GPOs congured with the No
    Override option are always applied
    What isLoopback policy?

    See more onLoopback policy

    Is group policy from Parent Domain cab be inherited to child Domain?

    Group Policy Inheritance

    The group policies are inherited from parent to child within a domain. They are not inherited from parent domain to
    child domain

    Following are the rules regarding group policy inheritance:

    http://www.windowstricks.in/2009/07/grouppolicies.html 2/4
    3/10/2017 WindowsGroupPolicyInterviewQuestionsandAnswerswindowstricks.in

    A policy setting is congured (Enabled or Disabled) for a parent OU, and the same policy setting is not congured for
    its child OUs. The child OUs inherit the parents policy

    A policy setting is congured (Enabled or Disabled) for a parent OU, and the same policy setting is congured for its
    child OUs. The child OUs settings override the settings inherited from the parents OU

    If any policy is not congured, no inheritance takes place

    Compatible policy settings congured at the parent and child OUs are accumulated

    Incompatible policy settings from the parent OU are not inherited

    What is security ltering?Filtering Scope of GPOs

    Although GPOs are linked to the site, domain, or OUs, and they cannot be linked to the security groups directly,
    applying permissions to the GPO can lter its scope. The policies in a non-local GPO apply only to users who have the
    Read and Apply Group Policy permissions set to Allow

    By specifying appropriate permissions to the security groups, the administrators can lter a GPOs scope for the
    computers and users

    Continue reading page 123

    Interview Questions Home

    Related Posts:
    1. SYSVOL Folder Structure
    2. Check trusted site and activeX approval site list
    3. Gpresult failed with ERROR Access Denied
    4. GPO update failed in Slow Link VPN site with Event ID 1000 and 1054

    Category: GPO

    http://www.windowstricks.in/2009/07/grouppolicies.html 3/4
    3/10/2017 WindowsGroupPolicyInterviewQuestionsandAnswerswindowstricks.in

    PlayRummyWin WindowsServer GroupPolicySetting GPO


    RealCash 2012Interview... notapplyingon... windowstricks.in
    Ad RummyCircle.com windowstricks.in windowstricks.in windowstricks.in

    PowerShell WindowsGPO Grouppolicyisnot SysvolInterview


    commandto... Interview... applying/working... Questionsand...
    windowstricks.in windowstricks.in windowstricks.in windowstricks.in

    Copyright 2017 www.windowstricks.in.All Rights Reserved

    http://www.windowstricks.in/2009/07/grouppolicies.html 4/4

    You might also like