September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
9.2. Creating a GPO
Problem
You want to create a GPO to force users to have a particular desktop configuration or provision configuration settings on workstations or servers.
Solution
Using a graphical user interface
Open the GPMC snap-in.
In the left pane, expand the Forest container, expand the Domains container, and browse to the domain of the target GPO.
Right-click on the Group Policy Objects container and select New.
Enter the name of the GPO and click OK.
Using a command-line interface
> creategpo.wsf <GPOName> [/domain:<DomainDNSName>]
Using VBScript
' This code creates an empty GPO. ' ------ SCRIPT CONFIGURATION ------ strGPO = "<GPOName>" ' e.g. Sales GPO strDomain = "<DomainDNSName>" ' e.g. rallencorp.com ' ------ END CONFIGURATION --------- set objGPM = CreateObject("GPMgmt.GPM") set objGPMConstants = objGPM.GetConstants( ) ' Initialize the Domain object set objGPMDomain = objGPM.GetDomain(strDomain, "", objGPMConstants.UseAnyDC) ' Create the GPO and print the results set objGPO = objGPMDomain.CreateGPO( ) WScript.Echo "Successfully created GPO" objGPO.DisplayName = strGPO WScript.Echo "Set GPO name to " & strGPO
Discussion
When you create a GPO through the GPMC, it is initially empty with no settings or links configured. See Recipe 9.6 for more on modifying GPO settings, and Recipe 9.12 for creating a link.
Using VBScript
To create a GPO, I first instantiate a GPMDomain
object for the domain to add the GPO to. This is accomplished with
the GPM.GetDomain method. Then it is just ...