Group Policy Object; What is it and how can it allow for seamless deployment of software

In any organization from a small business to a large enterprise, control over user’s access to various resources on the network is a key component of managing the corporate environment. Access to resources such as network shares and printers to things such as settings on local stations, are just some of the items an administrator wants to manage centrally and cohesively. A common method to manage domain resources like this is via Group Policy in Active Directory.

Another, common practice is to handle mass deployment and configuration of software to client machines on the network. This allows for a smooth roll-out of the necessary software to end-users and keep both administration and help desk calls for such things to a minimum.

For example, a company purchases a solution to allow the end users in the organization to reset their own Active Directory account passwords, thereby removing the helpdesk from needing to handle this all too common task.

The client package for the software installs on the local client machine, modifies the GINA or credential provider of the operating system, and the end user’s logon experience now provides a method for them to immediately reset their password should they forget it. Additionally, software wizards for enrolling in the product and resetting passwords are installed on the workstation so the end user can manage their own enrollment and usage of the product.

A product such as this needs certain parameters configured during the installation process:

  • Domain information
  • Product service location
  • Default language
  • End user password reset profile designation
  • Etc

To streamline this installation, the network administrator can create a Group Policy Object (GPO) in the group policy interface for Active directory. Via this interface, he can define the parameters above, the location of the installation package, and then deploy this GPO to some or all users in the domain.

With that complete, the roll-out is seamless, especially from an end user perspective. The end user logs into their machine, the group policy is applied, and the new software is installed. The above and much more can be accomplished using group policies within an Active Directory domain.

Learn more about an IAM Implementation.

Battle of the email solutions: Exchange vs. Google Apps

In the industry I am in, with the job functions I perform daily, I see more and more organizations moving from an in-house email solution such as Exchange to cloud-based email solutions like Office 365 and Google Apps. This is due to many reasons and an easy way to see why is to compare Exchange and Google Apps.

Read more


Identity en Access Management

automated account management, cloud based email solutions, Compage Exchange and Google Apps, compare cloud based email solution, compare email solutions, Exchange, Google Apps

How to manage credentials the easy way

A seemingly simple, yet tedious task for anyone in the information technology field is credential management. End users are given usernames and passwords for various systems in an organizations environment, and the hope is that the end users can manage these credentials with very little issue or assistance.

Read more

Identity and Access Management vs. Identity and Access Governance

Identity and access management and identity and access governance are two terms which are often used in the tech world, which can be quite confusing. What do they mean? Are they the same thing? What do they encompass, and what can they do for my organization?

Read more


Identity en Access Management

account management, IAG, IAM, What is Identity and Access Governance?, What is Identity and Access Management?, access governance, RBAC, SSO

Account Management in Education: How Can It Be Improved?

Many school districts and even some higher-learning institutions have their technological infrastructure run by a skeleton crew due to things such as politics and budgetary constraints. Situations such as this can often lead to many issues within the organization: Lack of network resources for end users Inability to properly support end users and systems No time to research and implement newer technology This causes frustrated overworked admins to think outside the box and turn to other solutions, such as software-based, automated or semi-automated identity management.

Read more

What is the Next Step in the Evolution of the Password?

Passwords are the most common form of authentication and the current de-facto standard. In fact, passwords have existed in tech since the early 1960’s when they were implemented at MIT for the time sharing system on their computer systems for researchers. In order to allow multiple researchers to have their own personal “profile” when logging in each user was given a login name and password. This allowed each registered user to access the system for their weekly time allotment.

Read more