Deploying Basic Settings by Using Group Policy

In this section, you create a set of OUs to contain your computer accounts. You then create GPOs that contain settings that are intended for a specific set of computers. You use the Group Policy Management Editor to configure a GPO that contains basic firewall settings, and then assign that GPO to the OU that contains your test computer. Finally, you create and apply a Windows Management Instrumentation (WMI) filter to restrict the application of the GPO to computers that are running a specified version of Windows. This enables you to have multiple groups of computers in a single Active Directory container (OU, site, or domain) that require different settings, and ensure that each receives the correct GPO.

The GPOs that you configure include some of the basic Windows Firewall with Advanced Security settings that are part of typical enterprise firewall settings.

Step 1: Creating OUs and Placing Computer Accounts in Them³

Step 2: Creating the GPOs to Store Settings⁴

Step 3: Adding the GPO Setting to Enable the Firewall on Member Client Computers⁵

Step 4: Deploying the Initial GPO with Test Firewall Settings⁶

Step 5: Adding the Setting that Prevents Local Administrators from Applying Conflicting Rules⁷

Step 6: Configuring the Rest of Your Client Computer Firewall Settings⁸

Step 7: Creating WMI and Group Filters⁹

Step 8: Enabling Firewall Logging¹⁰

Next topic:  Step 1: Creating OUs and Placing Computer Accounts in Them³