Group Policy Settings Reference for Windows 8 and Windows Server 2012 #Windows8 #WinServ #ITPro


Windows Server 2012 and Windows 8 include support for over 350 new group policy settings …This brings the total number of manageable system policies via Active Directory group policy to over 3,600 policy settings!  Below, I’ve summarized the new categories of group policy settings that I’m most excited about and I’ve also provided a link to a downloadable reference workbook …

What’s New in Active Directory Group Policies?

These new Group Policy settings provide improved management for new areas of these operating systems, such as:

  • Managing enterprise installation of Windows 8-style application packages (AppX)
  • Desktop personalization for Lock screen and Start screen background
  • Start Screen customization settings, such as Show “Run as Different User” on Start screen and clearing History on tile notifications
  • User Setting Sync configuration (ie., “Sync your Settings” to Skydrive)
  • New Folder Redirection settings that can configure redirection on a user’s “primary computer” only
  • User Profile roaming settings that can configure roaming on a user’s “primary computer” only
  • Windows Store – turn on / off
  • Internet Explorer customization settings ( over 150 of the new settings are specific to Internet Explorer )
  • Printing settings to handle the new v4 simplified print provider architecture
  • New Windows Explorer UI settings
  • Credential provider settings for Password sign-in, PIN sign-in and Picture Password sign-in
  • Device driver setup and compatibility settings
  • DNSClient settings, such as smart protocol reordering and response preferences
  • TCPIP settings, such as IPv6 Stateless Autoconfiguration
  • UI Customization, such as turn-off switching between recent apps
  • External boot options for Windows-to-Go
  • File History settings
  • File Server VSS Provider Shadow Copies
  • Wireless WAN Cost Policies for 3G/4G networks
  • Hotspot Authentication
  • BitLocker Volume Encryption
  • Internet Explorer customization
  • Kerberos armoring
  • Peer-to-peer caching for BranchCache
  • PowerShell Execution Policy
  • New Terminal Server Settings for RDP 8.0 and RemoteFX
  • TPM settings, such as backup TPM to Active Directory

For complete details on the new Group Policy features in Windows Server 2012 and Windows 8, read this article and download the reference workbook below.

Do I need to update my Active Directory schema to deploy these new Group Policies? 

According to the reference document, only three (3) of these new Group Policy Settings requires that the AD Schema be updated to Windows Server 2012.  These new Group Policy Settings are:

  • Turn on TPM backup to Active Directory Domain Services
  • Redirect folders on primary computers only
  • Download roaming profiles on primary computers only

 Where can I download an updated reference for all Group Policy settings?

An updated reference workbook for the new Group Policy Settings in Windows 8 and Windows Server 2012 is now available for download at:

http://www.microsoft.com/en-us/download/details.aspx?id=25250

Hope this helps!

Keith

 

 

Comments (6)
  1. Anonymous says:

    Keith,

    In order to define Windows 8 policies in a Windows 2008 R2 domain, what do I need to import, and how do I go about doing that? I have seen the reference which is nice and handy, but I'd like a file or something I could download and import into SYSVOL.

    I have read in the forums to simply copy from the policies folder in Windows 8 to SYSVOL but a user reported that after doing that, nothing changed, he wasn't able to access the new settings.

    Any recommendation or help would be appreciated!

    Thanks!

  2. Anonymous says:

    Hi Jeffrey,

    To define Windows 8 Group Policies within an existing domain, you can use the updated Group Policy Management Console (GPMC) from a Windows 8 Admin workstation.  You can also update a Group Policy central store of administrative templates using the process outlined in the following support article:

    support.microsoft.com/…/en-us

    Be sure to backup your central store prior to updating, just in case you'd like to revert back any custom defined group policy templates that were overwritten by the update.

    Hope this helps!

    Keith

  3. Anonymous says:

    We have a windows 2008 R2 domain, are there any issues opening any group policies created from a windows 2008 R2 domain controller using gpmc on a windows 2012 server or windows 8 workstation?

  4. Anonymous says:

    Hi Gary,

    File system and registry security is not available from within the local Group Policy Editor (gpedit.msc).  However, if you edit a domain policy using the Group Policy Management Console (GPMC) on your Windows 8 Admin PC, you'll see the options listed under the following policy location: Computer Configuration->Policies->Windows Settings->Security Settings->File System.

    Hope this helps!

    Keith

  5. Anonymous says:

    Hi Eddie,

    No issues we've seen with backwards compatibility to  existing 2008  R2 policies, but I generally recommend keeping your Windows 7 vs Windows 8 policies separated to keep each as small as possible for speed in processing.  In this scenario, you could the set a WMI filter of each policy to apply to only the specific OS.

    Hope this helps!

    Keith

  6. Gary Jones says:

    Hi

    I have Windows 8 Pro and was planning to configure NTFS file permissions from within group policy.

    However the File System section no longer appears under "Computer Configuration->Windows Settings->File System" when I open up gpedit in Windows 8 Pro.

    Any idea where this has been relocated/renamed to?

    Thanks

Comments are closed.