For Windows Server administrators, Group Policy is an integral component to manage users and hardware. As organizations migrate to newer Windows Server versions, they should consider how the switch affects the numerous individual policies used to control the Windows environment.
Group Policy administration requires some standardized means to access and display policy settings located in a Windows registry. Typically, these settings are located under the Administrative Templates section of the Group Policy Object Editor. Older versions of Windows, such as Windows NT and Windows XP, used a template file format with a proprietary markup language denoted with an .adm extension.
Starting with client operating system Windows Vista and server operating system Windows Server 2008, Microsoft replaced the proprietary .adm file format with a standards-based extensible markup language template file format dubbed .admx.
Older .adm files were stored in individual Group Policy Objects (GPOs), but .admx files provide flexibility to administrators who want to place .admx files into a centralized store where other authorized administrators can access or edit GPOs.
The Group Policy Object Editor and the Group Policy Management Console (GPMC) let system administrators access .admx files to apply Group Policy changes to system registries. Changes can be applied to individual systems or to system groups across Active Directory domains.
Group Policy offers powerful management opportunities for Windows and Active Directory enterprises. Administrators can achieve policy-based service levels, manage wired and wireless Ethernet network policies for access and security, implement end-to-end network security with IPsec connections, and complete various other tasks.
In addition, Windows PowerShell provides more than 25 cmdlets that create, delete, backup, copy, set properties, check registry values and take numerous other actions with GPOs. However, Group Policy cmdlets only run on systems with GPMC installed.
Usually, a newer Windows operating system manages any earlier operating systems that support Group Policy. For example, Windows Server 2012 should continue to support Group Policy entries on Windows Server 2008 systems. However, earlier operating system versions cannot support newer .admx template files and functionality provided in newer operating system versions.
Beginner's guide to managing with Group Policy
Dig Deeper on Windows systems and network management
Related Q&A from Stephen J. Bigelow
Application load balancers and API gateways both manage network traffic, but in their own ways. Learn the differences between them and how to use ... Continue Reading
Developers don't have a lot of free time. Code reuse helps dev teams focus on the most value aspects of a project, so ensure everyone knows how to ... Continue Reading
Although there are a handful of tools to help run Firecracker more easily, admins might find issues with the lack of major tool integration for the ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.