Group Policy with Vista/Server 2008

One of the coolest demonstrations I saw at TechEd had to do with the new improvements to Group Policy for Server 2008 (due later this year). Many of these improvements require a Vista client, but it was sincerely cool to see some of the things you could do via the GroupPolicy improvements.

One of the major hangups with Group Policy in current implementations is the sheer amount of space they take up. For each policy, there is an associated .ADM file that goes along with it. This .ADM file, by the way, only supports English and is a whopping 3.5 MB. That may not seem like a big deal, but remember that for each policy that exists on your network is a new .ADM file and a new 3.5 MB. If we had 100 different policies, there's 350 MB of stuff that we then need to back up. Vista/Server 2008 allow us to use .ADMX files, which are based on (you guessed it) XML which is a lot more lightweight. And, with the new .ADML file, we can have multiple languages (you could, in theory, invent your own language, as long as you didn't mind putting in the extra time making an .ADML file).

What's also cool is that Vista allows us to have multiple local policies -- which is great news if you have a home computer and want to set up highly personalized restrictions based on the user who logs on.

One of the companies that Microsoft has been gobbling up lately has included DesktopStandard, the maker of GPOVault and PolicyMaker. I won't go into all the cool features that these programs bring to the table. But one, in particular, really made me drool: PolicyMaker effectively does away with scripts. Seriously. As a poor scripter, I can't tell you how happy this makes me.

In a nutshell, it allows you, via Group Policy to do tedious tasks formally limited to scripting, such as drive mapping, printer setup, etc. And on top of that, you can filter where these tasks are applied. For example, if I told you that I wanted a script that mapped the S: to a network share called \\server3\slowcomputers\leanfiles but only for computers with less than 192 MB of RAM and only if those computers are on a certain subnet you'd probably look at me dumbfounded. (I know I would!) But with PolicyMaker (which will be integrated into GPMC in Server 08) all you have to do is place a couple of checkmarks and pull a couple of dropdowns and Wa-lah! You now have the answer to your scripting problem.

And that gives you more time for FreeCell.