Vista in a W2k3 Domain

[GrumbleDook]

After swapping some emails with Nick Unmey at Microsoft he has shed some light on a few things.

First is about GPOs ... here is the conversation.

Hi Nick

Conversations have started about integrating Vista into existing school
domains. Nothing like being prepared and planning in advance ... and
let's face it, schools usually have nothing that is like planning or
things to be prepared!!!

One concern is obviously the configuration of Vista. This boils down to
use of GPOs to lock down and configure the machines. I know Vista will
use ADMX instead of ADM templates and I cannot find any information
about how we may use ADMX templates in an existing environment that does
not have Longhorn server. I dug out this article which seems to confirm this
... but any further info appreciated.

I know that there will also be different flavours of Vista and it may be
that once we get a chance to see the different flavours things might be
a bit clearer about how we can approach things, but I haven't been able
to find a lot of information about the differences other than a press
release from a while back.

----------------------

Hi Tony.

Basically you will need one Vista machine to actually manage the ADMX
files (say the admins workstation). The ADMX files are stored in a
folder in SYSVOL (sysvol\domain\policies) called 'PolicyDefinitions'
(user manually has to create this), and then each of the applicable
languages (ADML files) sit in another folder below with relevant iso
country format so for English 'en-us'.

The ADMX files are copied to the PolicyDefinitons folder, and the
applicable language files.

Please find attached a technical walkthrough that was written for the Vista early adopter customers and partners...
Section 7 of the document outlines the Group Policy use and how to set them up on Windows Server 2003

Nick

-----------------

And so I have attached the documentation.

I don't have a spare domain to play with things at the moment ... let me know how you all get on.

[kingswood]

Thanks Tony- that will come in helpful for sure.

[GrumbleDook]

Just remember folks ... Microsoft also want feedback on public betas or invite-only betas ... if you have comments to make, then stick them down and we can see what a difference it makes.

[Gatt]

Not had a chance to look through the doc that GD posted, but has anyone tried Vista with Win2k3 R2?

I know i tried with SP1 and GPO's were all to hell.. just wondering if any support for Vista (mainly ADMX) in R2?

[mark]

I added our vista machine to the domain and logged in with our pupil test user yesterday.

This PCs’ graphics card doesn’t have compatable drivers yet, and off the
domain you get the classic vista skin.

Interesting all XP policies seem to have applied (apart from new apps like the sidebar) - the start menu looks like the Win2K classic still, and
you’ll notice the ‘file’ menu from explorer and IE are missing (just as on
our main system). Students can still not access applications saved in
their home areas or on USB sticks etc.. The denied dialogue is identical.

Sophos hasn’t installed - this is the first boot so it may get applied on
a subsequent boot, and we have no applications installed yet. If we get
time perhaps we’ll try the usual suspects and let you know how we get on.

Looks tho’ this could be very much like the IE7 install recently - add the
updated ADM and spend just a little time adding the extra restrictions.
Seems very do-able.

I wonder if installing GPMC on this PC will update the sever ADMs as with IE7? It'd be good to lock down ready for any new machines we'd like to keep Vista on.