NIST's guidance for a Zero Trust Architecture

Active Directory Policies

Group Policy Objects

Group Policy settings are stored in the form of Group Policy Objects (GPOs). GPOs can be created like any other active directory object and are linked to a Site, domain or OU in which the policy settings have to be applied. The GPO stores its configuration information in two locations: Group Policy Container (GPC) and Group Policy Template (GPT).

GPC is an object which contains information like GPO’s name, ACL, version information, and enable/disable status. It is stored in the CN=Policies, CN=System container of the domain.

GPT is stored as files on the SYSVOL directory on every domain controller in the domain. It contains the administrative templates and scripts related to the GPO. The contents of the SYSVOL folder are replicated between all the domain controllers in the domain.

People also read

Windows Group Policy Object Inheritance: Explained

Managing GPOs in Active Directory

Managing GPOs with Group Policy Management Console

Group Policy Objects (GPOs): Different Policy Settings

Group Policy

Related posts
Active Directory Policies

Group Policy Management Console (GPMC) – Part II

Active Directory Policies

Fine-Grained Password Policy: A Step-by-Step Configuration Guide

Active Directory Policies

Active Directory Account Lockout Policy

Active Directory Policies

Active Directory Password Policy