This statement stood out for me in Derek Melber's article on Vista Group Policy at redmondmag.com. In Windows XP SP2 there were more than 1,600 new policies added. With Vista, over 2,400 additional new policies have been added! According to Melber this number will dramatically increase when Microsoft releases Policy Maker.
Melber goes on to detail some of the really cool policies that have been added to Vista including: power options (control power settings to save $$$), printer installation and removable storage devices (disable USB devices to prevent straying of confidential data). In addition, a number of tools will be released (GPOVault, PolicyMaker) that Microsoft obtained via the Desktop Standard acquisition. In fact, Melber came to Microsoft via that acquisition.
I'm a huge - repeat HUGE - believer in Group Policy. I always have been and I always will be. I know for a fact that most customers are not taking advantage of all of the Group Policy capabilities that are currently (Windows 2000, Windows XP) at their disposal. I hope Vista is added impetus to customers to evaluate the benefits of Group Policy and how they can further leverage their Active Directory investment.
Melber's conclusion is "a thumbs up" to the advances. The reasons for his thumbs up - and my concerns - include:
- Changes to how the ADMX files are handled in the central store should give your Administrators an immediate return on investment (ROI) because they no longer need to fight with ADM templates or their updates, or the mismatches in ADM templates
BUT: Most execs don't care that much about an adminstrator's time savings unless it is massive. This doesn't sound like a massive difference and if a customer starts using Group Policy in Vista this won't really matter, will it?
- The options that come standard with the additional 800 GPO settings are sure to give you more immediate ROI because you can now save $75 per desktop, per year, with just one of these settings. The other settings will also provide immediate ROI, because you no longer need to worry about printer distribution or removable storage device misuse.
BUT: If and only if the desktop is a Vista desktop. These policies are not backwards compatible to Windows 2000 or Windows XP, right?
- Lastly, with the new acquisition of GPOVault and PolicyMaker, Microsoft is delivering innovative Group Policy technology and incorporating it into their own offerings.
BUT: You didn't define how Microsoft is delivering this technology. No charge download? Or is it via an add-on to desktop assurance (i.e., definitely not free!).
BUT BUT: You state that "it has not yet been decided if the new implementation of PolicyMaker will be backward compatible with Windows 2000 and Windows XP." Isn't the currently shipping PolicyMaker already compatible with Windows 2000 and Windows XP? Why not the next version?
I will re-iterate that I agree that Group Policy is one of the most spectacular technologies delivered with Active Directory. In fact, Group Policy helps to make Active Directory really "sticky".
However, in order to benefit from any of these amazing advances I have to upgrade to Vista...and to get the new tools (GPOVault, PolicyMaker) I might have to have desktop assurance and possibly have to purchase something additional on top of desktop assurance?
I'm not sure I'm feeling the ROI...
group policy, Active Directory, Microsoft