Let’s look at this article about how to create and manage a GPO in Windows Server 2022. A GPO (Group Policy Object) is basically a set of policies to set up in the domain, both on the local server and on the client computers. These policies are a set of rules and restrictions that are meant to make the computers more secure since users in many organizations can do things that go against best practices and have a global effect on Windows Server.
Table of Contents
GPO Use
GPOs allow administrators to control all of this. If you want to implement a GPO, we need to think about it. The computers that require management must be joined to the domain, and the users must have their domain credentials in order to log in. The local network must be configured via AD DS. This implies that the Active Directory (AD DS) role must already be set up on the server. Permissions are required to make changes to group policy within a domain.
GPO Types
There are two types of GPO
Default Domain Policy: It is the default policy for the domain, as its name suggests, and it includes policy settings for all computers and users in the domain.
Default Domain Controller Policy: It is another policy, but it is set up to work with the domain controller by default.
GPO Sections
When we configure a GPO, it is split up into sections such as:
Administrative Templates
Windows Settings
Each of these integrates a set of options that can be managed as required.
Open the Server Manager, click on the Tools tab, and then click Group Policy Management.
Create and Manage a GPO
Right-click on the local domain, select Create a GPO in this domain, and link it here.
Assign a name to the new GPO and click OK to create it.
You can see it in the domain structure.
Now right-click on the GPO you created and choose Edit.
You will see the following:.
Expand the Computer Configuration / Policies / Administrative Templates and click on the Start Menu and Taskbar.
Double-click to open the policy Remove and prevent access to the Shutdown, Restart, Suspend, and Hibernate commands.
Choose the Enabled box and apply the changes by clicking Apply and OK.
Now you can see the policy is enabled.
Update GOP
Type cmd in the run box to open command prompt.
Type gpupdate /force and hit enter.
By logging in to the domain client computer, you can validate that the GPO has been successfully applied.
Go back to Windows Server 2022, right-click on the domain, and choose search.
Click the search button in the displayed interface to locate the GPOs on the server.
How to Delete a GPO
Right-click on the group policy object to see the different options to use with the GPOs.
To delete a GPO, right-click on the GPO and choose delete.
Click OK to confirm the operation, and the GPO will be removed from the server.
Now you can verify the GPO has been deleted.
We’ve seen how to create and edit a GPO in Windows Server 2022 using the preceding steps.
Refer to Microsoft to learn more about Group Policy Objects.
