+ Post New Thread
Results 1 to 5 of 5
Windows Thread, just wondering??? in Technical; Hi all, I was just wondering... a] how many Group Policies does everyone have for installing software? For example, do ...
  1. #1
    Admiral208's Avatar
    Join Date
    Mar 2008
    Location
    Bridgwater
    Posts
    720
    Thank Post
    176
    Thanked 63 Times in 55 Posts
    Rep Power
    40

    just wondering???

    Hi all,

    I was just wondering...

    a] how many Group Policies does everyone have for installing software? For example, do you have a GPO for each individual piece of software, or do you run them all under one?

    b] how well organised are everyones Active Directories? i have found myself organising all the users and computers into smaller OU's... for example, i have split the students into year groups, i have separated the computers in our suite, teachers laptops, laptops for the students

    interested to hear how everyone else works

    James

  2. #2

    Join Date
    Apr 2006
    Location
    UK
    Posts
    939
    Thank Post
    39
    Thanked 70 Times in 54 Posts
    Rep Power
    30
    I have GPO's for each piece of software we have licenses for, for instance i can the selectivly install software when and where it is required rather than having a GPO per room/depeartment etc. Encarta gets installed in Room T3 which is the department who purchased the licenses, but English have also purchased some linceses this term so we can push it off to F5 also.

    I've organised AD as follows:

    Pupils: Simple - By Year Group

    Teachers - Just one big teacher group

    Non-Teaching Staff - Pretty much the same as the Teachers group!

  3. #3
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    34
    I have GPOs split into four main categories:
    Machines, Users, Software Restrictions, Software Deployment
    Plus an otherwise unused one called Password Security -which applies to everything and everyone.

    Then within each category:
    Machines: has a general "default workstations", that every machine gets, then I have "normal" and "special", and Servers.
    Users: All Users, staff, students, administrative (IE me);
    Software Restrictions: staff, students, admin, programmers (they need to be able to run VB, and EXE and access specific stuff); The access to the Programmers SRP is based upon a security group, which also gives power user access to certain machines;
    Software Deployment: I have one per computer room/cluster (5 general, 2 languages, and 5 clusters);

    It's a battle between how many GPOs you want (as few as possible - easier to manage), how much differences are needed between the areas, keeping things logically separate, and minimising the number of GPOs that load per person/machine.

    Machines bootup time is longer the more GPOs are applied to them; Machines have 3;
    Users logon time is longer the more GPOs are applied to them; Users have 3;

    In terms of OU, we upgraded from NT and this left an unsorted mess of users in the general "students" OU, but these are gradually leaving. To replace this, we have created an OU per year, into which they go, although for KS5 we have this only for the new starters (we get about 70 external students per year)
    Then there is also staff OU, and an admin OU.

    Machines are all sorted into "Machines", and then each computer room, cluster has an OU, as do certain buildings that have machines dotted around (IE Tech dept, have about a dozen machines, so they have an OU).

    I tend to apply GPOs to OUs, but we do have certain machines (the "special" group) that need different access, and the "programmers" groups that have access to the programmers SRP/GPO.



    We've had SIMS learning gateway installed recently, so I now have an extra OU called SLG, into which SIMS have been creating duplicate usernames, just the staff now, but it will become the students, and eventually the parents too - which will give me an extra 5000 users, I have no GPO applied to this lot, but I will need to introduce one to stop them logging in.

  4. #4

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Quote Originally Posted by Admiral208 View Post
    a] how many Group Policies does everyone have for installing software? For example, do you have a GPO for each individual piece of software, or do you run them all under one?
    A mixture; mostly a GPO per application where they are deployed to different OUs, where an app is solely in one OU they are collected together into one policy to reduce the number that have to be evaluated during refreshes.

    how well organised are everyones Active Directories?
    Meticulously and, probably, anally.

  5. #5

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    a) One single GPO for all deployed software. Each individual package is security group filtered, so only computers that are members of the corresponding security group receive the software.

    b) AD is organised as follows:
    • Servers are organised into OUs by their primary role, i.e. DC, File Server, Web Server.
    • Workstations are organised into OUs by teaching department (plus Administrative), with sub-OUs for laptops and/or labs with many workstations.
    • Student users are all in one OU.
    • Staff users are organised roughly by primary job role, i.e. Teaching, Administrative, IT Support. Administrative is further divided into OUs such as Site, Secretarial, Finance, etc.

SHARE:
+ Post New Thread

Similar Threads

  1. Ilkeston School - Wondering who got the job of NM
    By siuko in forum Educational IT Jobs
    Replies: 10
    Last Post: 2nd May 2008, 12:55 AM
  2. Just wondering...
    By leuven in forum BSF
    Replies: 8
    Last Post: 11th July 2007, 07:09 PM
  3. you might be wondering
    By russdev in forum General EduGeek News/Announcements
    Replies: 6
    Last Post: 28th April 2006, 09:12 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •