Author Topic: Use Group Policy and the Scwcmd Tool to Deploy Security Policies  (Read 2087 times)


Offline Nick


Use Group Policy and the Scwcmd Tool to Deploy Security Policies

This tip shows you how to use the transform command in the Scwcmd utility to create a GPO that includes the settings in the security policy (and any security templates attached to the policy).

In an organization with many computers, you probably won’t want to apply security policy to each computer separately. You may want to apply security policies through Group Policy, and you may want to create computer OUs for this purpose.

Once you’ve created the necessary OUs, you can use the transform command in the Scwcmd utility to create a GPO that includes the settings in the security policy (and any security templates attached to the policy). You can then deploy the settings to computers by linking the new GPO to the appropriate OU or OUs.

Use the following syntax to transform a security policy:

Code:
scwcmd transform /p:FullFilePathToSecurityPolicy /g:GPOName

Here, FullFilePathToSecurityPolicy will be the full file path to the security policy’s .xml file and GPOName will be the display name for the new GPO. For example:

Code:
scwcmd transform /p:"c:\users\wrs\documents\fspolicy.xml" /g:"FileServer GPO"

When you’ve created the GPO, you can link it to an OU by following these steps:

1. In the GPMC, select the OU you want to work with. In the right pane, the Linked Group Policy Objects tab shows the GPOs that are currently linked to the selected OU (if any).

2. Right-click the OU to which you want to link the previously created GPO, and then select “Link an Existing GPO”. In the Select GPO dialog box, select the GPO you want to link to, and then click OK.

3. When Group Policy is refreshed for computers in the applicable OU, the policy settings in the GPO are applied.

Because you’ve created a new GPO and then linked the GPO to the appropriate level in the Active Directory structure, you can recover the computers to their original state by removing the link to the GPO. To remove a link to a GPO, follow these steps:

1. In the GPMC, select and then expand the OU you want to work with. In the right pane, the Linked Group Policy Objects tab shows the GPOs that are currently linked to the selected OU.

2. Right-click the GPO. On the shortcut menu, the Link Enabled option should have a checkmark to show it is enabled. Clear this option and remove the link.

From the Microsoft Press book Microsoft Windows Server 2008 Administrator’s Pocket Consultant by William R. Stanek.


credit: technet.microsoft.com
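
The transform, link and rollback steps above can also be scripted. The following is an added example, not part of the original tip or the book: it assumes the GroupPolicy PowerShell module (installed with the GPMC) is available, the OU distinguished name is a placeholder, and treating a nonzero scwcmd exit code as failure is an assumption that the later Get-GPO check backs up.

```powershell
#Requires -Modules GroupPolicy
# Added example: transform an SCW policy into a GPO, link it to an OU,
# and optionally roll the link back. Run from an elevated prompt.
param(
    [string]$PolicyPath = 'c:\users\wrs\documents\fspolicy.xml', # path from the tip's example
    [string]$GpoName    = 'FileServer GPO',                       # name from the tip's example
    [string]$TargetOU   = 'OU=FileServers,DC=example,DC=com',     # placeholder OU (assumption)
    [switch]$Rollback
)

if ($Rollback) {
    # Scripted form of the GPMC steps: clear Link Enabled, then remove the link.
    # The GPO itself is left in place so it can be relinked or reviewed later.
    Set-GPLink    -Name $GpoName -Target $TargetOU -LinkEnabled No
    Remove-GPLink -Name $GpoName -Target $TargetOU
    return
}

if (-not (Test-Path -LiteralPath $PolicyPath -PathType Leaf)) {
    throw "Security policy file not found: $PolicyPath"
}

# Refuse to continue if a GPO with this display name already exists, so an
# unrelated GPO is never linked by mistake.
if (Get-GPO -Name $GpoName -ErrorAction SilentlyContinue) {
    throw "A GPO named '$GpoName' already exists; choose another name."
}

# Same command as in the tip: /p is the policy .xml file, /g the new GPO's display name.
& scwcmd.exe transform "/p:$PolicyPath" "/g:$GpoName"
if ($LASTEXITCODE -ne 0) {
    throw "scwcmd transform failed with exit code $LASTEXITCODE"
}

# Confirm the GPO really exists before linking it anywhere.
$gpo = Get-GPO -Name $GpoName -ErrorAction Stop
Write-Output "Created GPO '$($gpo.DisplayName)' ($($gpo.Id))"

# Link the new GPO to the OU (the "Link an Existing GPO" step in the GPMC).
New-GPLink -Name $GpoName -Target $TargetOU -LinkEnabled Yes | Out-Null

# Show every GPO now linked to the OU, in processing order, for review.
(Get-GPInheritance -Target $TargetOU).GpoLinks |
    Sort-Object Order |
    Select-Object Order, DisplayName, Enabled, Enforced
```

As the steps above state, the settings reach computers in the OU at their next Group Policy refresh; running the script again with -Rollback removes the link.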

