Features over 800 new policy settings

Dec 18, 2006 14:39 GMT  ·  By

Windows Vista Group Policy is designed as a ubiquitous infrastructure aspect that would enable application centralized management. Microsoft initially introduced Group Policy in Windows 2000 Client and Server. According to Jim Allchin, Microsoft Co-President, Platform and Services Division, Active Directory and Group Policy are standalone investments onto themselves.

In Windows Vista, Microsoft delivers in excess of 800 new policy settings focused into scenario-based settings, according to customer feedback. The Redmond Company extended the Windows Vista policies that can be managed for Internet Explorer, but in addition, Microsoft also enhanced the Wired and Wireless networking, Windows Firewall and IPsec, Print Management, Desktop Shell, Remote Assistance and Tablet PC policies.

Windows Vista Group Policy additionally features new areas: Removable Storage Device Management, Power Management, User Account Control, Windows Error Reporting, Printer Deployment, Network Access Protection (with Windows Server "Longhorn"), Network Quality of Service and Windows Defender.

"For example, using the Group Policy capabilities in Windows Vista, an IT manager can set a policy to put the Windows Vista PCs in their environment into a reduced power state after a specified period of inactivity. IT managers who have users with sensitive data can also use Group Policy to limit use of removable storage devices on systems that handle such sensitive data. I should also note that in as much as Group Policy can be used to lock down the systems in a network, it can also be used to delegate certain features so that the non-administrator user on a machine can complete key tasks -- like installing a printer driver -- without having to ask for permission from the IT department," explained Jim Allchin.

Moreover, Windows Vista's Network Location Awareness feature enables the policy refresh behaviors in relation to modifications in network conditions. "For the Group Policy administrator, we've made significant changes to the manner in which we report events. Specifically, we take advantage of Windows Vista's new event reporting infrastructure for our administrative and operational logs. We expose richer and more logical events as policy events occur, logging information such as which Domain Controllers (DCs) were used, whether slow links were in effect, and which Group Policy Objects (GPOs) were applicable. The net effect of these changes is a more streamlined and effective troubleshooting process for Group Policy," added Allchin.