Chat now with support
지원 담당자와 채팅

GPOADmin 5.13.5 - User Guide

Introducing Quest GPOADmin Configuring GPOADmin Using GPOADmin
Connecting to the Version Control system Navigating the GPOADmin console Search folders Accessing the GPMC extension Configuring user preferences Working with the live environment Working with controlled objects (version control root) Checking compliance Editing objects Synchronizing GPOs Exporting and importing
Creating Reports Working with the GPOADmin Dashboard Appendix: Windows PowerShell Commands Appendix: GPOADmin Event Log Appendix: GPOADmin Backup and Recovery Procedures Appendix: Customizing your workflow Appendix: GPOADmin Silent Installation Commands About Us

Group Policy Management Console extension

You can work in the Group Policy Management Console (GPMC) to perform many GPO-related tasks. GPOADmin comes with two interfaces — the GPOADmin Console, and the GPMC Extension. The console provides full functionality, and is intended for administrators responsible for a wide variety of tasks. The GPMC Extension is a convenient tool for users who are already comfortable with the GPMC, or for GPO administrators who do not need the advanced features of the GPOADmin Console.

The following tasks can be performed using the GPMC Extension:

For more information, see Using GPOADmin and Accessing the GPMC extension .

Version control

GPOs, scripts, DSC scripts, WMI filters, and Scopes of Management (domains, sites, and OUs) links can be stored and backed up in a secure Active Directory, AD LDS, network share, or SQL repository. Objects that are stored within the Version Control system are labeled with a version number. You can view all changes made to the controlled object through the object history and through numerous reports.

For detailed information, see Registering objects , Proposing the creation of controlled objects and Controlled object reports .

Change approval process

All changes made within the Version Control system are not rolled out into the online Active Directory environment until assigned users approve and deploy them.

You can enforce a multi-approval process at the container and object level so that all changes made to the live production environment are approved by all approvers. Ensuring the approval process uses the combined agreement of multiple approvers rather than just one provides better security.

Deploying changes within the system is a critical process that affects the live environment. To minimize the impact of disruption, perform this when the impact to users is minimal as the changes to the GPO might alter the behavior of particular systems.

To avoid any issues, you can schedule the deployment of the changes for a specific date and time that best suits your needs.

For detailed information, see Approving and rejecting edits and Deploying objects (scheduling and associated items) .

Role-based delegation

GPOADmin users can create and define roles that consist of a set of s to perform actions on the Version Control system. These roles can delegate users-specific access to resources within the system. GPOADmin includes predefined Built In roles (Moderator, System Administrator, and User), and granular s users can define through a custom role. For a list of s, see Configuring role-based delegation .

For more information, see Configuring the Version Control server and Configuring role-based delegation .

Table 1. Custom s

Version Controlled Objects

Version Control Container s

Protected Settings s

 

관련 문서