Chat now with support
Chat with Support

GPOADmin 5.18 - User Guide

Introducing Quest GPOADmin Configuring GPOADmin Using GPOADmin
Connecting to the Version Control system Navigating the GPOADmin console Search folders Accessing the GPMC extension Configuring user preferences Working with the live environment Working with controlled objects (version control root)
Creating a custom container hierarchy Selecting security, levels of approval, and notification options Viewing the differences between objects Copying/pasting objects Proposing the creation of controlled objects Merging GPOs Restoring an object to a previous version Restoring links to a previous version Managing your links with search and replace Linking GPOs to multiple Scopes of Management Managing compliance issues automatically with remediation rules Validating GPOs Managing GPO revisions with lineage Setting the change window for specific actions Working with registered objects Working with available objects Working with checked out objects Working with objects pending approval and deployment
Checking compliance Editing objects Synchronizing GPOs Exporting and importing
Creating Reports Appendix: Windows PowerShell Commands Appendix: GPOADmin Event Log Appendix: GPOADmin Backup and Recovery Procedures Appendix: Customizing your workflow Appendix: GPOADmin Silent Installation Commands Appendix: Configuring Gmail for Notifications Appendix: Registering GPOADmin for Office 365 Exchange Online Appendix: GPOADmin with SQL Replication About Us

Selecting events on which to be notified

Using the notification option you can set up to receive an email each time a specified action is performed within the Version Control system.

Select Notifications.

Restricting inheritance on notifications

If required, you can select to restrict the inheritance on notification settings from the Version Control root to child containers and objects.

Select the Notifications tab.
Click to enable the Block inheritance option.

Creating email templates

You can create a custom email template for notifications or email requests (if this option is enabled, see Configuring the Version Control server) and associate it with specific roles. This allows you to standardize the information that is presented to users based on their role within your organization.

You can choose to include attachments and custom subject lines for specified version control actions. For example, you can easily include forms used to track change requests in an external system, risk assessment checklist, or logs in the email.


For example, to ensure that the Watcher Service or server name does not display in the notification message, remove the following section from the template html file:



The keyword MACHINENAME specifies the computer where Watcher Service is running.

GPOADmin includes a sample template (DefaultNotificationTemplate.html) in the server installation directory. This file should not be moved or modified; however, you can use it as a basis for the creation of new templates.

Select Delegation | Roles, select the require role, and click View Role.
Select the Email Template tab.
Click Browse to select the template to use for the selected role.
If there are no templates displayed, click Add and browse to where the templates are located. The default template is located at C:\Program Files\Quest\GPOADmin.
To select an attachment to include in the email, select the Attachments tab, click Add, select the action that triggers the attachment inclusion from the list, select the attachment to include by entering its location or browsing to it, and apply the changes.
To include a subject in the email, select the Subject Lines tab, click Add, select the required action, enter the text that you want included in the Subject Line field, and apply the changes.
Click Apply to associate the template.

Working with Protected Settings policies

Protected Settings policies contain settings that you want to control. They are protected in the sense that they contain and identify the settings that may not be altered by users. This provides an added level of security for the policies within your organization. If a user attempts to create, edit, or remove the flagged settings they are stopped.

Protected Settings are identified by examining the difference report between the Protected Settings policies and the Group Policy Object being checked in. The difference is produced by using the Difference Engine in GPOADmin. Once this is completed, the protected setting function searches the difference report for matches based on the specified validation mode.

Protected Settings policies have a modified workflow and follow the typical check-out, edit, and check-in process. As with any other object, when you are ready to make the newly created Protected Settings policy active or edit an existing policy, a request approval action must be initiated.

Once the approval is granted, the Protected Settings policy is available for use.

If a protection issue is detected during check in, users with the Modify Protected Settings right on the GPO in question, have the option to continue with the check in and override the blocked setting or review a report and address the issue.

Protected settings must be:

Select Options | General and select Enable Protected Settings for Group Policy Objects.

See also:

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating