Prerequisites
·
For this example I created two Windows Server
2003 virtual machines. Computer01 was made a domain controller by using the
dcpromo command. The new domain created was called contoso.local
·
The network adapters were set to host-only
and the IP addresses for manually configured for my local network. Computer01
was given the IP address 10.1.1.1, while Computer02 was given 10.1.1.2.
·
After configuring the local network, I made
sure I was able to reach each computer. I used the ping command in the command
line to insure each computer was able to reach the other.
Software
Restriction Policies
·
Before setting up a software restriction
policy, you should create a user account in active directory users and
computers. For this exercise, I created myself and account.
·
Select
the Users OU, right click it and select new user.
·
Fill out the user information and select a
logon name. This will be important to remember when testing the new software
restriction policies.
·
After creating the new user, I created a new
OU named Students. This OU will contain the software restriction policies that
put certain restrictions on users in this OU.
·
After creating this new OU, move the newly
created user account into it. Right click the user account and select move.
From here you can select the Students OU. For the user account to work properly
you should allow the account to log on locally. You can set this under the
security policy. Alternatively, you can
logon to the account from Computer02 without problem.
·
After successfully creating your user
account, you will want to create a new group policy object (GPO). Right click
the Students OU and select properties. From here, select the Group Policy tab.
No comments:
Post a Comment