Shulou(Shulou.com)06/01 Report--

In this issue, Xiaobian will bring you about what group strategy commands are. The article is rich in content and analyzes and narrates from a professional perspective. After reading this article, I hope you can gain something.

Group policy is crucial for system administrators, but do you understand group policy commands? Group Policy commands are described in detail below.

What are group policy commands?

You can launch windows xp group policy editor simply by clicking start → run, typing gpedit.msc in the open field of the run dialog box, and clicking ok. (Note: This "Group Policy" program is located in "c:winntsystem32" and the file name is "gpedit.msc.")

When multiple people share a computer, set user permissions in windowsxp, you can follow the following steps:

Run the Group Policy Editor program (gpedit.msc).

2. In the left pane of the editor window, expand the Computer Configuration → Windows Settings → Security Settings → Local Policies → User Permission Assignment branch step by step.

3. Double-click the user permissions that need to be changed. Click Add, and then double-click the user account you want to assign to the permission. This is shown in Figure 8. Click the OK button twice in succession.

In windows xp, a command-line tool called shutdown has been added to shut down or restart a local or remote computer. Using it, we can not only log off users, shut down or restart computers, but also realize timed shutdown and remote shutdown.

The syntax format of the group policy command is as follows:

shutdown[-i|-l|-s|-r|-a][-f][-m[computername]][-txx][-c'message'][-d[u]

:xx:yy]

Among them, the meaning of each parameter is:

-i Displays a graphical interface dialog box.

-l Logout of the current user, this is the default setting.

-mcomputername takes precedence.

-s Shut down the computer.

-r Restart after shutdown.

-a Abort closure. Parameters other than-l and computername are ignored. During the timeout period, you can only use-a.

-f Forces the application to be closed to run.

-m[computername] Specifies the computer to shut down.

-txx Sets the timer for system shutdown to xx seconds. The default is 20 seconds.

-c'message' Specifies the message to be displayed in the Messages area of the System Shutdown window. A maximum of 127 characters can be used. Message must be enclosed in quotation marks.

-d[u]

:xx:yy Lists the reason codes for system shutdown.

First, let's look at some basic uses of this set of policy commands:

1. Log out of the current user

shutdown-l

This command can only log off local users and does not apply to remote computers.

2. Shut down the local computer

shutdown-s

Restart your local computer.

shutdown-r

4. Timing shutdown

shutdown-s-t30

Specifies that the computer automatically shuts down after 30 seconds.

Group Policy Command: Add Computers and Users to Group Policy Security Groups

Once a wireless network policy is configured and working, it is easy to add additional computers to the security group that controls the policy application.

? Add computers to wireless network group policy security groups

1. In active directory users and computers, locate the wireless networkpolicy-computer security group that corresponds to the wireless network policy you want to apply. You must be logged in as a user with Modify Membership permission for this group.

2. Add computers to the selected security group.

? Add Users to Remote Access Policy Security Groups

1. Log on to the administrative computer, requiring you to log on as a member of the domainadministrators group, or log on with another account that has the security privileges required to modify membership of the remoteaccesspolicy-wirelesusers security group.

2. In active directory users and computers, locate the remoteaccesspolicy-wireless users security group that corresponds to the remote access policy that controls wireless lan access.

3. Adds users to the selected security group.

? Add computers to the Remote Access Policy security group

1. Log on to the administrative computer, requiring you to log on as a member of the domainadministrators group, or log on with another account that has the security permissions required to modify membership in the remoteaccesspolicy-wirescomputers security group

2. In active directory users and computers, locate the remoteaccesspolicy-wireless users security group that corresponds to the remote access policy that controls wireless lan access.

3. Add computers to the selected security group.

The following is an example of applying group policy to organizational units or domains for 2003

1. Click start, click administrative tools, click activedirectory users and computers, and open activedirectory users and computers.

2. Highlight the related field or organizational unit, click the Actions menu, and choose Properties.

3. Select the Group Policy tab.

Note: Multiple policies can be applied to each container. These policies are processed from the bottom of the list up. If a conflict occurs, *** the policy applied takes precedence.

4. Click New to create a policy and assign it a meaningful name, such as Domain Policy.

Note: Click the Options button to configure the No Overrides setting. "Prevent overrides" is configured for each individual policy, not the entire container;"Prevent policy inheritance" is configured for the entire container. If the No Overrides and Block Policy Inheritance settings conflict, the No Overrides setting takes precedence. To configure Block Policy Inheritance, select the check box in the ou property.

Group Policy updates automatically, but to start the update process immediately, use the following gpupdate command from a command prompt:

gpupdate/force

? Add security groups to User Rights Assignment

1. Click start, click administrative tools, click activedirectory users and computers, and open activedirectory users and computers.

2. Highlight the relevant ou (such as Member Server), click the Actions menu, and choose Properties.

3. Click the Group Policy tab, select the relevant policy, such as Member Server Baseline Policy, and click Edit.

4. In the group policy object editor, expand computer configuration, windows settings, security settings, local policies, and highlight user rights assignments.

5. In the right pane, right-click the relevant user rights.

6. Select the Define these policy settings check box and click Add Users and Groups to modify the list.

7. Click OK.

Group Policy Command: Import Security Templates into Group Policy

? Import security templates

1. Click start, click administrative tools, click activedirectory users and computers, and open activedirectory users and computers.

2. Highlight the relevant field or ou, click the Actions menu, and select Properties.

3. Select the Group Policy tab.

4. Highlight the policy and click Edit.

5. Expand computer configuration, expand windows settings, and highlight security settings.

6. Click the Actions menu and select Import Policy.

7. Navigate to security guidejobaids, select the template, and click open.

8. In the Group Policy Object Editor, click the File menu and choose Exit.

9. In Container Properties, click OK.

Group Policy Command: Use Security Configuration and Analysis

? Import security templates

1. Click Start, then Run. Type mmc in the open text box, and then click ok.

2. In microsoft administration console, click files, and select add/remove snap-ins.

3. Click Add to highlight Security Configuration and Analysis in the list.

4. Click Add, Close, OK.

5. Highlight Security Configuration and Analysis, click the Actions menu, and select Open Database.

6. Type a new database name, such as bastionhost, and click Open.

7. In the Import Templates screen, navigate to security guidejobaids and select the template. Click Open.

? Analyze imported templates and compare them with current settings

1. Highlight security configuration and analysis in the microsoft snap-in, click the actions menu, and select analyze computer now.

2. Click OK to accept the default Error Log File Path.

3. When the analysis is complete, expand the node headings to investigate the results.

? Application Security Template

1. Highlight security configuration and analysis in the microsoft snap-in, click the actions menu, and select configure computer now.

2. Click OK to accept the default Error Log File Path.

3. In the microsoft administration console, click files, and then select exit to turn off security configuration and analysis.

The above is what the group strategy commands shared by Xiaobian are. If there are similar doubts, please refer to the above analysis for understanding. If you want to know more about it, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.