Home > Windows Security News > XP refresh gives rise to plethora of Group Policy settings
Windows Security News:
EMAIL THIS LICENSING & REPRINTS

XP refresh gives rise to plethora of Group Policy settings

By Margie Semilof, Senior News Editor
01 Sep 2004 | SearchWinIT.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Lost in all the focus on the security capabilities in Microsoft's Windows XP SP2 is the fact that there are about 700 new Group Policy settings that are valid when the upgraded desktop operating system is installed.

Overall, Group Policy is largely unchanged, other than the fact that there are several new functions that have policy settings that administrators can manipulate, said Jeremy Moskowitz, a Wilmington, Del.-based author and expert on Microsoft's Active Directory and Group Policy.

Moskowitz recommends that IT administrators go to Microsoft's Web site and download the spreadsheet to view the new Group Policy settings.

One of the

For more information

Check out a Group Policy Learning Guide

 

See why Group Policy's complexity sows fear in many

 
most important changes is that the firewall in SP2 is on by default, and all inbound client communication is stopped, Moskowitz said. That means you cannot use any of the Resultant Set of Policy (RSoP) tools because the client will deny you, he said.

Administrators can turn their firewalls off, but that's something Microsoft doesn't recommend. An alternative is to create a hole in the firewall using a particular policy setting.

"Of course this means a port is now officially open, and it does give a toehold to some nasty programs," Moskowitz said. "Any time you open a port that is the case."

But Moskowitz said he believes that in many situations, the port should be open.

Finally, he said, administrators should be aware of a retroactive bug that will occur in older operating systems when using XP SP2 Group Policy definitions. The bug causes about 50 pop-up boxes to appear, each with a generic error message that informs the administrator that it doesn't understand the ADM (administrator) template. ADM files are used to set registry keys and values that administrators may want to control.

If you try to use ADM templates on the older operating systems, you'll need to apply a free hotfix that prevents the pop-ups, he said. For more information on Group Policy settings, visit www.GPAnswers.com.



Tags: Authentication Group Policy VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersIT DownloadsBlogs
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2004 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts