Data Centers

Have we forgotten how powerful Group Policy is?

In critical times for Microsoft, we may have underestimated this centralized management solution for Windows systems. IT pro Rick Vanover will try not to start a fight, but highlight a long-time strength from Microsoft.

These days, it seems that Microsoft is taking a lot of criticism from a number of different avenues. One thing is rather undeniable; Group Policy is a great solution for centralized management. Each time I find some new configuration item, I'll go out on Twitter and say something rash like, "Group Policy is the best product that Microsoft has ever made."

While it may be a quick-passing comment, the fact the remains that there are many configuration capabilities that Group Policy objects (GPOs) make possible. Further, there are built-in security aspects around the computer account that allow the policies (including network access) to be enabled or disabled. Group Policy as we have it now was first introduced in Windows 2000, some ten years ago. Sure plenty of agent-based system management products have come into the field, but some things are still just best addressed with Group Policy.

Part of the critique with Microsoft is that they aren't addressing the computing experience of modern times. While they haven't "won" the mobile phone operating system war, I do applaud the recent extensions of System Center Configuration Manager (SCCM) 2012 to include Android, Symbian, iPhone/iPad platforms, and oh yeah, Windows Phone 7 systems. This is big news for the traditional environment dealing with the influx of consumer devices, yet still able to meet organizational needs.

While SCCM is not Group Policy, the strategy is a welcome bridge to managing this inevitable mix of devices. At face value, some may dismiss this as irrelevant because users are able to do everything they need to do without the traditional internal IT service. Sure, the vocal minority of that class of user will be self-sufficient with their iPad and fancy phone, but they may not need to do any real work that would need a full, managed computing experience.

The next argument is whether or not the PC is dead, making Group Policy and SCCM moot. Of course the PC isn't dead. People simply use more devices; once Dell, HP and others stop selling PCs and laptops, I'll believe that. Until then, Group Policy reigns supreme for PC and server centralized management. What is your take on Group Policy?


Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

Editor's Picks