Mastering Windows Group Policy

Linking our new GPO

Our test lab has Active Directory, Group Policy, a few OUs created, and now we even have a new GPO with a setting inside that should set the desktop wallpaper of whatever computers the policy applies to. We are finally ready to test this GPO to make sure it really works; our final remaining step is to link the GPO to a location so that it starts applying. We could link the GPO at the root of the domain and (without additional filtering) it would then filter down to all of the machines that are joined to my domain, but I don't want to be quite that extensive. I just want to test my new GPO out on a single workstation for now, which is a very common task when creating any new GPO or adding a new setting into a GPO. Always test before rolling out to production.

I have created an OU called Accounting. My LAPTOP1 workstation is currently sitting inside this OU. All I need to do in order to link my policy is to open GPMC, find the Accounting OU, and right-click on it. From the menu, choose Link an Existing GPO...

You will now see a screen called Select GPO. This displays for you all of the GPOs that exist inside your domain. Simply select the new GPO we created called Set Desktop Wallpaper to Blue 1 and click OK.

That's all you have to do! Back inside GPMC, you can now see that the Set Desktop Wallpaper to Blue 1 GPO is linked underneath the Accounting OU. This change is immediate; the policy is now associated with that OU and the next time that any computers inside Accounting do a Group Policy refresh, they will see and apply this new setting.
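
The same link can be created from PowerShell, which also makes it easy to check which computers sit under the OU before the policy starts applying. This is an added example, not code from the book; it assumes the RSAT GroupPolicy and ActiveDirectory modules are installed and that exactly one OU named Accounting exists in the domain.

```powershell
# Added example: link the GPO from the text to the Accounting OU and verify scope.
# Assumes the GroupPolicy and ActiveDirectory (RSAT) modules are available.
Import-Module GroupPolicy, ActiveDirectory

$GpoName  = 'Set Desktop Wallpaper to Blue 1'   # GPO name from the text
$OuName   = 'Accounting'                        # OU name from the text
$TestHost = 'LAPTOP1'                           # test workstation from the text

# Resolve the OU by name; stop if the name is missing or ambiguous,
# because linking to the wrong OU changes which machines get the policy.
$ou = @(Get-ADOrganizationalUnit -Filter "Name -eq '$OuName'")
if ($ou.Count -ne 1) {
    throw "Expected exactly one OU named '$OuName', found $($ou.Count)."
}
$ouDn = $ou[0].DistinguishedName

# Confirm the GPO exists before touching any links.
$gpo = Get-GPO -Name $GpoName -ErrorAction Stop

# Scope check: every computer under this OU (child OUs included) will
# process the GPO once it is linked, unless additional filtering is applied.
$inScope = @(Get-ADComputer -SearchBase $ouDn -SearchScope Subtree -Filter *)
Write-Host "Computers under ${ouDn}: $($inScope.Name -join ', ')"
if ($inScope.Name -notcontains $TestHost) {
    Write-Warning "$TestHost is not under $ouDn; the link will not reach it."
}

# Create the link only if it is not already present,
# since New-GPLink fails when the same link already exists.
$existing = (Get-GPInheritance -Target $ouDn).GpoLinks |
    Where-Object { $_.GpoId -eq $gpo.Id }
if (-not $existing) {
    New-GPLink -Guid $gpo.Id -Target $ouDn -LinkEnabled Yes | Out-Null
}

# Show what is linked directly at the OU, in processing order.
(Get-GPInheritance -Target $ouDn).GpoLinks |
    Select-Object Order, DisplayName, Enabled, Enforced
```

The computer list printed before the link is created is the set of machines that will pick up the setting at their next Group Policy refresh, so review it before running this against anything other than a test OU.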

For Group Policy testing scenarios, there is a command-line tool that is very commonly used to force policies to apply manually, but usually when making changes at a production level, you simply make the change inside GPMC, and then let it "sit and bake". The changes will roll around to all of your workstations over the next few hours; there is no need to manually touch each computer. That would be a nightmare! In our case, I'm not quite ready to cover the command yet because we will talk about it later in this chapter, and I also don't want to sit around and wait for the policy to apply naturally, so I am going to simply reboot LAPTOP1. Group Policy processes during boot/user login so we will take that approach. To be honest, I'm not sure that I have rebooted LAPTOP1 anyway since moving it into the Accounting OU, and so I really should do so to make sure that change is also recognized by the workstation. After rebooting LAPTOP1, I log in to it and, sure enough, my desktop is displaying a blue number one!

An aside regarding OU moves and reboots. Moving workstations from one OU to another inside Active Directory is a fairly normal process, but not everyone realizes that a reboot of the computer is necessary before the computer will recognize that location change. The computer will continue to think it is inside the old OU until you restart, upon which the new location is recognized.