Question

Assume you have been tasked with implementing Group Policy for 100 computers and over 120 end users. You need to ensure that most of the computer and end users’ environment is standardized using Group Policy. What are your most important concerns and what are the main considerations you need to take into account?

Answer 1

In bigger conditions, IT offices may have a Test Active Directory Forest only to test things like Group Policy. Unless you're applying Group Policy to thousands or a huge number of PCs, that might be pointless excess for your association. This is what I normally do to test:

In my Active Directory (AD) association, I get a kick out of the chance to keep a "Test" Organizational Unit (OU) that emulates a common OU for a division. In that OU, I keep a similar sub-OU format, a couple test client records, and test PCs (typically virtual machines) where I can put any of my test Group Policy before I make it accessible to end clients.

Inside the Group Policy Management Console (GPMC), it is anything but difficult to make duplicates of Group Policy Objects (GPOs) by heading off to the Group Policy Objects holder in the Group Policy Management Console (GPMC), right-tap on the GPO, pick Copy, and after that right-click once more, and pick Paste. I normally make a duplicate of the first GPO and incorporate "TEST" in the name and connection it within my Test OU. This gives me an OU where I can roll out improvements to my approach without bringing about issues for existing clients or PCs.

When you test your new strategies, guarantee that you're likewise trying against PCs as well as clients that had the old approaches connected and that have been being used by genuine individuals. In a lab setup, working frameworks have this propensity for having neatly connected pictures that have never been utilized. Client accounts and the records and settings that record have entry to are flawless and haven't been redone or changed. Some client arrangements can be influenced by past settings in the client's profile. The greatest place where this happens is Folder Redirection. You'll need to ensure that the settings that you're changing take both new logons and existing logons into thought. A decent approach to do this is to have a few clients that can test your progressions when you're practically set them out to everybody.

Contingent upon the change you're making, you might not have any desire to move it out to each client or PC in the meantime. For significant changes, I generally jump at the chance to drop a couple client and additionally PC objects into the Test OU and permit those items to keep running for a couple days. Notwithstanding being a decent approach to test how the change functions in this present reality, it allows me to check whether anything will break or cause issues for end clients before the change is taken off to everybody. It is much simpler to manage a couple of troubled clients that are having issues than a considerable measure!

As an IT division, I exceptionally suggest "eating your own particular puppy nourishment." From a Group Policy point of view, that implies that you ought to have a similar GPO's connected to your everyday client record and PC that the greater part of alternate clients in the association are getting. It ought to likewise imply that new approaches ought to get connected to you first. The snappiest approach to perceive how a Group Policy change will affect end clients is to utilize it yourself consistently. How would you realize that a specific script makes logons moderate in the event that it doesn't make a difference to you consistently? How would you realize that the screensaver timeout is too low unless you're continually logging back in light of the fact that you have the setting, as well? How would you realize that handicapping certain settings hamper a client's capacity to work unless you need to manage a similar issue?

Thank you.