روش انجام كار:
يك : ماژول Group Policy Management را از سايت مايكروسافت دريافت و نصب مي كنيم
دو : GPM را باز كرده و از بخش
Group Policy Objects گروه مورد نظر خود را جهت نمايش در فروم انتخاب مي كنيم
سه : گزينه Save Report را انتخاب و در مرورگر وب گزارش را باز كرده و در همين سايت كپي مي كنيم. همين
من تنظيمات گروه خودم رو در همين جا نمايش مي دم. منتظر دوستان هستم كه هم تشريح كنند چه سياست هايي مد نظر داشتند و نيز تنظيماتشون چيه
فعلا
----------------------------------------------------
Group Policy Management
Setting Path:
Explanation
Print
Close
No explanation is available for this setting.
Supported On:
Not available
Default Domain Policy Data collected on: 2007/01/22 03:07:03 ب.ظ
General
Details
domain.com OwnerDOMAIN\Domain Admins Created2006/12/12 04:49:28 ب.ظ Modified2007/01/13 06:58:50 ب.ظ User Revisions1 (AD), 1 (sysvol) Computer Revisions34 (AD), 34 (sysvol) Unique ID{31B2F340-016D-11D2-945F-00C04FB984F9} GPO StatusEnabled
Links
LocationEnforcedLink StatusPath DomainNoEnableddomain.com
This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
NameNT AUTHORITY\Authenticated Users
WMI Filtering
WMI Filter NameNone
DescriptionNot applicable
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo DOMAIN\Domain AdminsEdit settings, delete, modify securityNo DOMAIN\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Windows Settings
Security Settings
Account Policies/Password Policy
PolicySetting Maximum password age42 days Minimum password age0 days Minimum password length4 characters Password must meet complexity requirementsDisabled Store passwords using reversible encryptionDisabled
Account Policies/Account Lockout Policy
PolicySetting Account lockout threshold0 invalid logon attempts
Account Policies/Kerberos Policy
PolicySetting Enforce user logon restrictionsEnabled Maximum lifetime for service ticket600 minutes Maximum lifetime for user ticket10 hours Maximum lifetime for user ticket renewal7 days Maximum tolerance for computer clock synchronization5 minutes
Public Key Policies/Autoenrollment Settings
PolicySetting Enroll certificates automaticallyEnabled Renew expired certificates, update pending certificates, and remove revoked certificatesDisabled Update certificates that use certificate templatesDisabled
Public Key Policies/Encrypting File System
Properties
PolicySetting Allow users to encrypt files using Encrypting File System (EFS)Enabled
Certificates
Issued ToIssued ByExpiration DateIntended Purposes AdministratorAdministrator2009/12/11 04:56:30 ب.ظFile Recovery
For additional information about individual settings, launch Group Policy Object Editor.
Public Key Policies/Trusted Root Certification Authorities
Properties
PolicySetting Allow users to select new root certification authorities (CAs) to trustEnabled Client computers can trust the following certificate storesThird-Party Root Certification Authorities and Enterprise Root Certification Authorities To perform certificate-based authentication of users and computers, CAs must meet the following criteriaRegistered in Active Directory only
Certificates
Issued ToIssued ByExpiration DateIntended Purposes AdministratorAdministrator2009/12/11 04:56:30 ب.ظFile Recovery
For additional information about individual settings, launch Group Policy Object Editor.
User Configuration (Enabled)
Windows Settings
Remote Installation Services
Client Installation Wizard options
PolicySetting Custom SetupDisabled Restart SetupDisabled ToolsDisabled
---------------------------------------------------------