Windows 10 – Domain Management

So while Microsoft jamming Windows 10 down your throat by forcing computers to update, IT departments are scrambling to update their network policies and servers to manage it. Well we recently had to research and do some upgrades to account for the new operating system. Unfortunately, in the Microsoft fashion, they released the the OS without the server version ready, so there’s no native way to quickly manage your policies for the computers. However, with a little work you can manage all the settings that Windows 10 has to offer (which is a lot!).

Setup A Server 2012

We first started by implementing a Windows Server 2012 (not R2) on our network and promoted it to a Domain Controller. Implementing it was very easy. Microsoft basically does it all for you when you add the role.  The longest part is running Windows Update on the server and having it reboot every time. You should be able to complete this with a server 2008 R2 domain controller but having a Server 2012 added a few features (Server Manager – ability to manage and track server health from one location) was also a driving factor to implement this.

Upgrade Domain Function Level

You are going to want to update your domain function level to 2008 R2. This can by done on a domain controller. Right click on your domain name under the Active Directory utility and select “Upgrade Domain Function Level”. You can only upgrade to what your lowest domain controller is so make sure your domain controllers are 2008 R2 or newer. If you are currently at 2003 domain function level, I would suggest going to 2008 (not R2) and wait a couple days for any issues to be worked out with any computers/servers on the domain. Then upgrade to 2008 R2.

Install Windows 10 Administrative Templates

So Microsoft has two versions of the Administrative Templates. I found I had to install both version but it took very little time, but does require a reboot of the server. The two install files can be found Here. Make sure you download both files because they include different features. Once you have downloaded them to your DC, you’ll want to run each msi. This will install the templates to C:\Program Files (x86)\Microsoft Group Policy\ and there will be two folders there (Windows 10 & Windows 10 version 1511). Inside each of those will be a folder called PolicyDefinitions with the new policies inside of that. Copy the contents of each to where your current policies are stored. If you go to \\server_name and see a folder called SYSVOL then you’re probably going to be placing them in there. Lets say you are… Select the SYSVOL folder and there should then be a folder with your domain name (domain_name.com). Select that and go into Policies and then PolicyDefinitions. Here you will past the contents you copied from C:\Program Files (x86)\Microsoft Group Policy\Windows 10\PolicyDefinitions\. I would suggest only copying the ADMX files and the folder that is your language (Ex. English (US) = en-us). Ensure you have copied both folder from the C:\ and you will now have the templates installed. You will want to close out of all Group Policy utilities and re-open them. Then, go to create a new policy and you should see all your new policies in there. The SYSVOL folder is then replicated to your other Domain Controllers so you can manage policies there too.

If you don’t have a SYSVOL folder you can go in to your Group Policy utilities and create a new policy. Right click on Administrative Template (under computer or users) and select “Add New Template” and walk through the wizard.

Conclusion

While Microsoft hasn’t made it easy to manage Windows 10 they sure know how to force a product on their customers. Also, check out some policies we have set on our network to help manage security concerns on our network.

If you’ve found additional ways to prepare for Windows 10 and manage it on your network please let us know what you’ve found. Thanks for reading and don’t forget to click subscribe to follow us on future posts!

 

 

 

 

Advertisements

System Analyst with a background in networking, several coding languages, and basic desktop support. I'm hoping to help people become more comfortable with technology and shed light on things that there may not be a lot of information on out there.

Tagged with: , , , ,
Posted in Domain Controllers, Primary, Professional, Servers, Uncategorized, Windows, Windows 10
2 comments on “Windows 10 – Domain Management
  1. this site says:

    This is the right web site for anybody who hopes to find
    out about this topic. You realize a whole lot
    its almost hard to argue with you (not that I really would want to…HaHa).
    You definitely put a new spin on a topic that
    has been discussed for ages. Great stuff, just wonderful!

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: