Group Policy is generally designed to affect security, applications, computer settings, and user environment settings. Group Policy covering these areas can be applied to various targets, including domains, domain controllers, servers, client computers, and individual users.
The most common Group Policy settings and their targets are shown in the following table.
| Group Policy focus | Security | Applications | Computer system | Home environment |
|---|---|---|---|---|
| Domain | Passwords Accounts Kerberos |
|||
| Domain controller | User rights File DACLs Registry DACLs Audit & Event logs Local |
Administrative tools | Disk quotas | Disable standard user desktop settings |
| Servers | User rights File DACLs Registry DACLs Audit & Event logs Local |
Administrative tools | Printer moving Disk quotas |
Disable standard user desktop settings |
| Client computers | User rights File DACLs Registry DACLs Audit & event logs Local |
Core applications | Start up/shut down scripts Disk quotas Offline files |
|
| Users | EFS Policy | Published optional applications | Logon scripts IE settings Folder re-direction Desktop lockdown |