Pages

Saturday, April 30, 2011

Group Policy Interview Questions

Q. What is Group Policy?
A. Group Policy is an infrastructure used to deliver and apply one or more desired configurations or policy settings to a set of targeted users and computers within an Active Directory environment. This infrastructure consists of a Group Policy engine and multiple client-side extensions (CSEs) responsible for writing specific policy settings on target client computers.

Q. What are Group Policy objects (GPOs)?
A. Group Policy objects, other than the local Group Policy object, are virtual objects. The policy setting information of a GPO is actually stored in two locations: the Group Policy container and the Group Policy template. The Group Policy container is an Active Directory container that stores GPO properties, including information on version, GPO status, and a list of components that have settings in the GPO. The Group Policy template is a folder structure within the file system that stores Administrative Template-based policies, security settings, script files, and information regarding applications that are available for Group Policy Software Installation. The Group Policy template is located in the system volume folder (Sysvol) in the \Policies subfolder for its domain.

Q. What are the differences between Group Policy, Registry-based policy, and Security policy?
A. Group Policy is an infrastructure in which IT administrators can implement standard computing environments for groups of users and computers and includes both Registry-based and Security Policy. Registry-based policy is one of the many features of Group Policy that uses Administrative templates to modify the registry settings for policy-enabled components included in Windows. Security Policy, another feature delivered by Group Policy, includes a variety of security-related settings for Microsoft Windows.

Q. Are the new Windows Vista features of GPMC available in an update to the current version of GPMC?
A. You can join a Windows Vista workstation to your existing domains in order to benefit from the new features in GPMC. GPMC is integrated directly into the Windows Vista operating system (Business, Enterprise, and Ultimate versions only) and is the standard tool for managing Group Policy along with Group Policy Object Editor. New Windows Vista features are not included in the current version of GPMC, downloadable from the Microsoft Download Center.

Q. Is there a maximum number of Group Policy objects that I can store in a domain?
A. Creating a Group Policy object will create a Group Policy container object, stored in Active Directory, and a Group Policy template, stored on the Sysvol of the domain controller. Both are limited only to the amount of free disk space.

Q. What is the maximum number of Group Policy objects a user or computer can process?
A. A user or computer cannot process more than 999 Group Policy objects. Windows Vista writes a Windows-GroupPolicy error event with an event ID of 1088 to the system event log when a user or computer attempts to process more than 999 Group Policy objects.

Q. Can I apply a Group Policy object directly to a security group?
A. You cannot apply a Group Policy object directly to a security group. However, you can use security filtering to refine which users or computers will receive and apply Group Policy settings. The Group Policy Management Console (GPMC) is the tool to manage security filtering. For more information about security filtering, see the Core Group Policy Technical Reference.

Q. What tools do I use to manage Group Policy?
A. Microsoft provides two management consoles to administer Group Policy. The Group Policy Management Console (GPMC) consists of a Microsoft Management Console (MMC) snap-in and a set of scriptable interfaces for managing Group Policy objects (but not Group Policy settings). Group Policy Object Editor, also a Microsoft Management Console, is used to edit the individual settings contained within each Group Policy object.

Q. How often is Group Policy applied and how do you change it?
A. Group Policy for computers is triggered at computer startup. For users, Group Policy is triggered when they log on. Versions of Windows before Windows XP as well as Windows Server 2003 use synchronous processing, meaning that computer Group Policy is completed before the logon dialog box is presented. User Group Policy is completed before the shell is active and available for the user to interact with it. Windows XP defaults to asynchronous policy processing. By default, Group Policy is refreshed every 90 minutes with a randomized delay of up to 30 minutes, for a total maximum refresh interval of up to 120 minutes. This interval can be changed using the computer policy setting Group Policy refresh interval for Computer located in the Computer Configuration\Administrative Templates\System\Group Policy namespace. The processing of Group Policy is explained in the Core Group Policy Technical Reference.

Q. How long does it take to process policy settings?
A. Under synchronous processing, there is a time limit of 60 minutes for all of Group Policy to finish processing on the client computer. Any client side extensions (CSE) that are not finished after 60 minutes are signaled to stop, in which case the associated policy settings might not be fully applied.

Q. What is processed under slow link behavior?
A. Administrative Templates and Security Settings are applied over a slow link and the behavior cannot be changed. By default, Software Installation, Scripts, and Folder Redirection will not process over a slow link. You can change the default Policy process behavior for these client side extensions using Group Policy Object Editor. These settings are located at Computer Configuration\Administrative Templates\System\Group Policy.

Q. What is Security Policy?
A. Security policies are rules that administrators configure on a computer or multiple computers for protecting resources on a computer or network. The Security Settings extension of the Group Policy Object Editor snap-in allows you to define security configurations as part of a Group Policy object (GPO). The GPOs are linked to Active Directory containers such as sites, domains, or organizational units, and enable administrators to manage security settings for multiple computers from any computer joined to the domain. Security settings policies are used as part of your overall security implementation to help secure domain controllers, servers, clients, and other resources in your organization.

Q. Where is the local Security Policy stored?
A. The security database in Windows 2000 had a specific table to store local security policy settings. This approach was changed in Windows XP and Windows Server 2003. Local security policy settings are written directly to their respective locations in the registry.

Q. I removed some security settings but they are still in effect. Why?
A. Under some circumstances, Windows Security Settings remain in effect after being set to undefined. In some cases, these security settings need to be explicitly overwritten to be removed. For more information, see Windows Security Settings remain in effect after removal.

Q. What is loop back processing?
A. Group Policy loop back processing can be used to alter the application of GPOs to a user by including GPOs based on the location of the computer object. The typical way to use loop back processing is to apply GPOs that depend on the computer to which the user logs on.

Thursday, April 21, 2011

How to delete corrupted and hidden rules from a single mailbox in Outlook 2003

Download MFCMapi to a folder on your computer.

The following file is available for download from the Microsoft Download Center:
Download the MfcMapi.EXE package now.
Open the folder to which you downloaded the MfcMapi.exe file, and then double-click MfcMapi.exe.
In the Choose Directory for Extracted Files box, type the path of the folder in which you want to save MFCMapi, and then click OK. For example, save MFCMapi in a folder that is named C:\MFCMapi.
Copy any rules that you created in Outlook. To do this, follow these steps:
On the Tools menu, click Rules and Alerts.
In the Rules and Alerts dialog box, click Options.
In the Options dialog box, click Export Rules. Note the location where you save the rules.
Use MFCMapi to remove all rules that are applied to the mailbox. To do this, follow these steps:
Open the folder to which you extracted MFCMapi, double-click mfcmapi, and then click OK.
On the Session menu, click Logon and Display Store Table.
If you are prompted to select a profile, click the profile name in the Profile Name list, and then click OK.
Double-click the mailbox that contains the inbox rules that you want to delete.
Expand Root Container, and then expand Top of information Store.

Note Outlook should be in Online mode to use MFCMAPI. If you see IPM_SUBTREE instead of Top of information Store, Outlook Cache mode is enabled. Disable Outlook Cache mode before you use MFCMapi.
Right-click Inbox, and then click Open Associated Contents Table.

The Open Associated Contents Table contains the hidden messages of the Inbox.
In the Inbox window, locate and then click the items that have the IPM.Rule.Message message class, and then click Delete.
Select Permanent delete passing DELETE_HARD_DELETE (unrecoverable) in the drop-down list, and then click OK.
Import the backed-up rules into Outlook. To do this, follow these steps:
On the Tools menu, click Rules and Alerts.
In the Rules and Alerts dialog box, click Options.
In the Options dialog box, click Import Rules.
Locate the rules that you copied in step 4, click Open, and then click OK.

Wednesday, April 20, 2011

Outlook 2007 printing problem

When we try to print emails from Outlook 2007 he gets the error message below:

"There is a problem with the selected printer. You might need to reinstall
this printer. Try again, or use a different printer."

Resolution: error is caused by microsoft update KB2509470. Uninstalling this will resolve the issue.

Friday, April 15, 2011

How to enable Remote Desktop remotely

Run REGEDIT from Start>Run
Click on File, then select Connect Network Registry

Type the remote computer IP or host name in the Enter the object name to select and the click OK

If you don't have permission to access the remote computer, the logon screen will show up. Type the username and password for the remote computer. Then click OK.
Now, the remote computer is listed in the Registry Editor.
Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server, in the right panel, seelct fDenyTSConnection (REG_DWORD). Change the value data from 1 (Remote Desktop disabled) to 0 (Remote Desktop enabled).
Close the registry