ITS Home
Our Departments
Applications
Operations
Networking
Learning Technologies
Distance Learning
Computer Based Testing
Help Desk
Software Training
ZipLine
Computer Store
Telecommunications
DISTRIBUTED TECHNOLOGY SERVICES

Group Policies
The following Group Policies are in effect for all computers joined to the UAnet domain:

  • WSUS GPO – Configures Windows Software Update Service settings.
  • IPtoUser GPO – Sends username and IP address data to a central syslog server.
  • Disable Network Bridge GPO – Disables Windows XP network bridging.
  • Disable Publish Printers GPO – Prevents local printers shared via peer-to-peer from being published in Active Directory.

The following Group Policies are in effect for faculty/staff computers:
  • IE GPO – Sets the Internet Explorer homepage to http://www.uakron.edu; refreshes every 30 days.
  • Windows XP Service Pack 2 Firewall GPO – Configures Windows XP Service Pack 2 firewall settings.
  • SMS GPO– Installs the SMS client software.
  • UAnet Computers Audit Configuration - Configures the security log to “Overwrite events as needed” when the maximum log size is reached.

Group Policies in effect for lab computers – Policies in labs vary depending on the requirements of the lab administrator. Contact Tom Lavelle for details

  • Windows Firewall is enabled and cannot be disabled.
  • Multicast and broadcasting are blocked.
  • Users receive notifications when programs are blocked by the firewall.
  • The following program exceptions are allowed for the 130.101.0.0 subnet:
    • Avaya Message Manager
    • Microsoft Exchange Messenger
    • VNC
    • Microsoft Active Sync
  • Users may create new program exceptions.
  • The following port exception is allowed:
    • Port 8081 (EPO)
    • Port 26675 (Microsoft Active Sync)
  • Users may not create new port exceptions.
  • Windows Remote Desktop is allowed.
  • Windows Remote Administration is allowed.
  • Windows Firewall data up to 4 MB is logged in a file called firewall.log in the windows directory.
  • ICMP is disabled.

Windows peer-to-peer file and printer sharing are allowed on 130.101.0.0 subnet.


WSUS GPO

  • Default shutdown option is “Install Updates and Shutdown” when updates are ready to be installed. WSUS will install any updates and then shutdown the computer. This “end of day” process should eliminate the need to install updates during work hours.
  • The client computer will check for updates at 3:00 a.m. Updates will be downloaded automatically and the user will be prompted to install them. If the user does not install the updates then the updates will be installed at shutdown.
  • If a scheduled check is missed then the client computer will check for updates 8 minutes after the next startup.
  • If a deadline for a required update has passed then the update will be installed automatically.
  • The client computer will not automatically restart after updates have been installed.
  • The client computer will check every 8 hours for new updates.
  • The client computer will automatically install updates that do not interrupt Windows or require a restart.

All users (administrators and non-administrators) will receive a notification about necessary updates.
Enterprise Management
Enterprise Management Home
What's New?
Frequently Asked Questions
Enterprise Management Comments
Enterprise Management Overview
Systems Management Server
EPO and McAfee
Windows Server Updates Services
Group Policy
Imaging
Ghost Images
Apple Remote Desktop
Find: People Search
  UA ZipLine
 Text-Only    Contact Us   © 2008 by The University of Akron   The University of Akron is an Equal Education and Employment Institution.
Last modified: August 16 2006 09:09:32