Are you preparing for Group Policy job interview? Group Policy is the Windows operating system feature which is used to control the environment of accounts of both user and computer. Windows Administrator uses the group policy to set the controls on the settings deployed. It is used to manage the computers on your network. Using group policies, a whole group of users are given certain access and can be controlled just by changing it in a single system. Many of the people are not aware of this job so there is huge demand for this technology in the market. Good knowledge on these concepts will fetch you the job. Wisdomjobs framed Group Policy interview questions and answers to make it easier for your interview preparation.
Question 1. Why Should We Use Group Policy?
Answer :
Question 2. What Is Group Policy Object?
Answer :
We call the actual unit that we are creating, deleting, managing, working with is called Group Policy object.
Group Policy objects have two components:
Question 3. What Is Group Policy Container?
Answer :
It is the container in the Active Directory where the Group Policy can be applied. (i.e., either Organizational unit or Domain or Site)
Question 4. What Is Group Policy Template?
Answer :
When you create a group policy container automatically a template will be created in the hard drive, in sysvol folder of the Domain Controller that is called Group Policy template.
Question 5. Where Is Group Policy Template Stored?
Answer :
Group Policy template stored in sysvol folder.
Question 6. How To Create A Group Policy?
Answer :
Start –>Programs –>Administrative tools ->Active Directory Users and computers ->Right click on the container on which you want to apply Group Policy->Select properties-> Click on Group Policy tab->Click on New
Question 7. What Are The Steps Do We Have When We Are Creating Group Policy?
Answer :
There are two steps, one is creating Group policy and linking to the container. Generally we create the group policy at container only so when you click on New it creates and links the GPO to that container at a time. Suppose if you want to link a group policy object to a container which is already created click on Add select the group policy.
Question 8. What Are The Buttons Available On Group Policy Tab In Properties Of A Container?
Answer :
Note: When you are deleting a GPO it asks two things:
Question 9. What Is No Override Option In Gpo?
Answer :
Generally the policies set at one level will be overridden in other level, so if don’t want to override this policy under the sub levels of this one you can set this.
Ex: If you set No override at Domain level then that GPO will be applied through out the Domain, even though you have the same policy differently at OU level.
Question 10. What Is Block Inheritance Of Gpo And Where It Is?
Answer :
The Block inheritance GPO option blocks the group policies inheriting from the top level, and takes effect of this present GPO.
Right click on the container –> click on Group Policy –ègo to properties >on the bottom of the General tab you will find Block inheritance check box
Ex: If you select Block inheritance at OU level then no policy from the Domain level, or Site level or local policy will not applied to this OU.
Answer :
If you have set both then No override wins over the Block inheritance. So No override will take effect.
Question 12. What Are The Options That Are Available When You Click On Option Button On General Tab?
Answer :
Question 13. What Will You See In The Group Policy Snap In?
Answer :
You will see two major portions, and under those you have sub portions, they are:
Note: Administrative templates are for modifying the registry of windows 2000 clients.
Question 14. What Is The Hierarchy Of Group Policy?
Answer :
Question 15. Who Can Create Site Level Group Policy?
Answer :
Enterprise Admin
Question 16. Who Can Create Domain Level Group Policy?
Answer :
Domain Admin
Question 17. Who Can Create Organizational Unit Lever Group Policy?
Answer :
Domain Admin
Question 18. Who Can Create Local Group Policy?
Answer :
Local Administrator or Domain Administrator
Question 19. What Is The Refresh Interval For Group Policy?
Answer :
Refresh interval for Domain Controllers is 5 minutes, and the refresh interval for all other computers in the network is 45 minutes (this one doubt).
Question 20. Why Do We Need To Manage And Control Desktop Environment?
Answer :
Question 21. What Is Group Policy Loop Back Process? How To Set It?
Answer :
Start –>programs –>Administrative tools –>Active Directory users and computers –>Right click on the container –>click on Group policy tab –>Click on edit –>click on Computer settings –>click on Administrative templates –>system –>Group policy –>click on User group policy loop back processing mode –> click OK –> Select enable
Question 22. What Are The Players That Are Involved In Deploying Software?
Answer :
Question 23. What Is The Package That Can Be Used To Deploy Software Through Group Policy?
Answer :
Windows installer packages (.msi files)
Question 24. What Is Microsoft Installer Service?
Answer :
Microsoft Installer Service runs on the client machines in the Windows 2000 domain. It installs the minimum amount of an application, as you extend functionality it installs the remaining part of application. It is responsible for installing software in the client. It is also responsible for modifying, upgrading, applying service packs.
Answer :
Question 26. What Are The Design Considerations For Group Policy?
Answer :
The following should be considered for designing group policies:
If you have more number of GPO’s for a container, whatever GPO is on top will be applied first. If you want, you can move GPO’s up and down.
If there is conflict between two GPO’s of same container, the last applied GPO will be effective. i.e., the bottom one will be effective.
Question 27. What Is Group Policy In Active Directory ? What Are Group Policy Objects (gpos)?
Answer :
Group Policy objects, other than the local Group Policy object, are virtual objects. The policy setting information of a GPO is actually stored in two locations: the Group Policy container and the Group Policy template.
The Group Policy container is an Active Directory container that stores GPO properties, including information on version, GPO status, and a list of components that have settings in the GPO.
The Group Policy template is a folder structure within the file system that stores Administrative Template-based policies, security settings, script files, and information regarding applications that are available for Group Policy Software Installation.
The Group Policy template is located in the system volume folder (Sysvol) in the Policies subfolder for its domain.
Question 28. What Is The Order In Which Gpos Are Applied ?
Answer :
Group Policy settings are processed in the following order:
At the level of each organizational unit in the Active Directory hierarchy, one, many, or no GPOs can be linked. If several GPOs are linked to an organizational unit, their processing is in the order that is specified by the administrator, on the Linked Group Policy Objects tab for the organizational unit in GPMC.
The GPO with the lowest link order is processed last, and therefore has the highest precedence.
This order means that the local GPO is processed first, and GPOs that are linked to the organizational unit of which the computer or user is a direct member are processed last, which overwrites settings in the earlier GPOs if there are conflicts. (If there are no conflicts, then the earlier and later settings are merely aggregated.)
Question 29. How To Backup/restore Group Policy Objects ?
Answer :
Answer :
Question 31. What Is The Difference Between Software Publishing And Assigning?
Answer :
Assign Users :The software application is advertised when the user logs on. It is installed when the user clicks on the software application icon via the start menu, or accesses a file that has been associated with the software application.
Assign Computers :The software application is advertised and installed when it is safe to do so, such as when the computer is next restarted.
Publish to users : The software application does not appear on the start menu or desktop. This means the user may not know that the software is available. The software application is made available via the Add/Remove Programs option in control panel, or by clicking on a file that has been associated with the application. Published applications do not reinstall themselves in the event of accidental deletion, and it is not possible to publish to computers.
Question 32. What Are Administrative Templates?
Answer :
Administrative Templates are a feature of Group Policy, a Microsoft technology for centralised management of machines and users in an Active Directory environment. Administrative Templates facilitate the management of registry-based policy. An ADM file is used to describe both the user interface presented to the Group Policy administrator and the registry keys that should be updated on the target machines.
An ADM file is a text file with a specific syntax which describes both the interface and the registry values which will be changed if the policy is enabled or disabled.
ADM files are consumed by the Group Policy Object Editor (GPEdit). Windows XP Service Pack 2 shipped with five ADM files (system.adm, inetres.adm, wmplayer.adm, conf.adm and wuau.adm). These are merged into a unified “namespace” in GPEdit and presented to the administrator under the Administrative Templates node (for both machine and user policy).
Question 33. Can I Deploy Non-msi Software With Gpo?
Answer :
create the file in.zap extension.
Question 34. Name Some Gpo Settings In The Computer And User Parts ?
Answer :
Group Policy Object (GPO) computer=Computer Configuration, User=User ConfigurationName some GPO settings in the computer and user parts.
Answer :
make sure user not be member of loopback policy as in loopback policy it doesn’t effect user settings only computer policy will applicable. if he is member of gpo filter grp or not.
You may also want to check the computers event logs. If you find event ID 1085 then you may want to download the patch to fix this and reboot the computer.
Question 36. How Frequently Is The Client Policy Refreshed ?
Answer :
90 minutes give or take.
Question 37. Where Is Secedit ?
Answer :
It’s now gpupdate.
Question 38. What Can Be Restricted On Windows Server 2003 That Wasn’t There In Previous Products ?
Answer :
Group Policy in Windows Server 2003 determines a users right to modify network and dial-up TCP/IP properties. Users may be selectively restricted from modifying their IP address and other network configuration parameters.
Question 39. You Want To Create A New Group Policy But Do Not Wish To Inherit.
Answer :
Make sure you check Block inheritance among the options when creating the policy.
Question 40. How Does The Group Policy ‘no Override’ And ‘block Inheritance’ Work ?
Answer :
Group Policies can be applied at multiple levels (Sites, domains, organizational Units) and multiple GP’s for each level. Obviously it may be that some policy settings conflict hence the application order of Site – Domain – Organization Unit and within each layer you set order for all defined policies but you may want to force some polices to never be overridden (No Override) and you may want some containers to not inherit settings from a parent container (Block Inheritance).
A good definition of each is as follows:
No Override – This prevents child containers from overriding policies set at higher levels
Block Inheritance – Stops containers inheriting policies from parent containers
No Override takes precedence over Block Inheritance so if a child container has Block Inheritance set but on the parent a group policy has No Override set then it will get applied.
Also the highest No Override takes precedence over lower No Override’s set.
To block inheritance perform the following:
To set a policy to never be overridden perform the following:
Group Policy Related Tutorials |
|
---|---|
Windows 10 Tutorial | Windows 10 Development Tutorial |
Group Policy Related Practice Tests |
|
---|---|
Active Directory Practice Tests | Windows Administration Practice Tests |
DHCP Practice Tests | SCCM Practice Tests |
All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd
Wisdomjobs.com is one of the best job search sites in India.