This exercise walks you through the steps required to create a basic Group Policy for the purpose of enforcing security settings.
- In the Active Directory Users And Computers tool, right-click the domain name and select Properties.
- Change to the Group Policy tab and select the Default Domain Policy.
- To specify the Group Policy settings, click Edit.
- In the Group Policy window, expand Computer Configuration, Windows Settings, Security Settings, Account Policies, Password Policy object.
- In the right pane, double-click the Minimum Password Length setting.
- In the Security Policy Setting dialog box, place a check mark next to the Define This Policy Setting option. Decrease the value to 7 characters. Click OK to return to the Group Policy Object Editor window.
- Open User Configuration, Administrative Templates, Control Panel object. Double-click Prohibit Access To The Control Panel, select Enabled, then click OK.
- Close the Group Policy window to save the settings you chose. Click OK to enable the Security Group Policy.
- To view the security permissions for a Group Policy object, right-click the domain name and select Properties. On the Group Policy tab, highlight the Default Domain Policy Group Policy object and select Properties.
- Select the Security tab of Default Domain Policy Properties dialog box. Click Add and enter Linda Manager. Click OK to add this account to the list of users and groups that will be affected by these Group Policy settings. This takes you back to the Default Domain Policy Properties dialog box. Highlight Linda Manager and allow this user the Read and Write permissions.
- Click OK twice to save the changes. Linda Manager will now be able to view and change information for objects in the Sales OU.
- You will not need to use Active Directory Users And Computers until a little later on, but leave the window open anyway so that you do not lose your work. If you want to close the tool now, be sure to save your settings.
