NetIQ Group Policy Administrator
Date Published: October 2014
This release for the NetIQ Group Policy Administrator product (GPA) improves usability and resolves previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the Group Policy Administrator forum on Qmunity, our community Web site that also includes product notifications, blogs, and product user groups.
This document outlines why you should install this version, provides information about installing this version, and identifies known issues.
For more information about this release and for the latest documentation, see the Group Policy Administrator documentation Web site.
GPA is an enterprise-wide, Group Policy change control solution that helps you quickly take advantage of the powerful features Group Policy technology offers. Much more than just a replacement for other tools, GPA helps you easily implement Group Policy technology and easily manage GPOs. The following sections outline the key features and functions provided by this version, as well as issues resolved in this release.
Improve Security with Ability to Mask and Lock GPOs in the GP Repository
GPA administrators can now set security filtering on users and groups to mask and lock the GPOs in the GP repository. When you set this level of security, the GPA Console no longer allows all users to see and edit all GPOs.
Ability to Roll Out GPOs to Workstations
You can now roll out updated GPOs from the GPA console to force GPOs to update under a container. GPA enables this feature when the GPA Console is installed on Windows Server 2012 and later or Windows 8 and later computers.
Built-In Search Reports
You now have the ability to generate reports with a single click. The search results are displayed on the right side of the GPA Console with all available GPO operations provided in the search results. This version includes reports to search for the following:
Added File Security After GPO Checkout
GPA now provides access permission from the local shared folder of the GPA Console to the account that has checked out the GPOs and members of the GPA Repository Management group. This new feature prevents these checked-out files from being modified by unauthorized users.
Ability to Import AD Security Filtering
When importing GPOs using the Offline Mirror wizard and selecting the option to create identical categories to the AD OU structure, GPA imports the AD security filtering from each OU into each category in the GP Repository. This option ensures that users that do not have read and write permissions will not be able to see the categories and the GPOs inside them nor perform some category operations.
Ability to Turn On or Off GPA Console Nodes
You can now choose which nodes to display in the GPA Console.
Supports Microsoft Windows Server 2012 R2, Microsoft Windows 8.1, and Internet Explorer 11
This version supports installing the GPA Server and GPA Console components on computers running Microsoft Windows Server 2012 R2 and installing the GPA Console on computers running Windows 8.1. This version also supports using Internet Explorer 11 for reports.
Supports German Language for Reports
This version allows you to produce the following reports in the German language:
Addresses Several Issues
This version addresses the following issues:
Installing This Version
To install this version, run Setup.exe on each GPA Server and GPA Console computer.
For more information about how to install or upgrade GPA, see the User Guide on the Group Policy Administrator documentation Web site.
GPA now requires the following more recent prerequisite versions:
The prerequisite checker installs these updated versions if you select that option.
If you do not add the GPA Security account to the Domain Admins group, add the following permissions on the CN=System container for the GPA Security account in every domain where you have the GPA Console installed:
The following installation and upgrade issues are currently being researched. If you need further assistance with any issue, please contact NetIQ Technical Support (www.netiq.com/support).
Recommend Upgrading Using Same User Account as the Original Installation
When upgrading from a previous version of GPA, log on with the same user account used during the original GPA installation. (ENG300042)
If you are unable to do this, complete the following steps:
Hotfix Files Not Removed During Uninstall
Uninstalling GPA does not remove files and folders created by the hotfix installer. You must remove these files and folders manually. (ENG314337)
Installing the GPA Console on a Computer with Microsoft SQL Server 2005 Express Edition and Either Microsoft Windows Server 2008 Service Pack 1 or 2, or Microsoft Windows Vista Service Pack 1 or 2 Generates Information Events
After installing the GPA Console on a computer with Microsoft SQL Server 2005 Express Edition and either Microsoft Windows Server 2008, including Service Pack 1 or 2, or Microsoft Windows Vista Service Pack 1 or 2, when you open the Event Viewer console and expand Windows Logs > Application, some of the application events have the description Login failed for user 'NT AUTHORITY\SYSTEM'. [CLIENT: named pipe]. You can ignore these events. (ENG255755)
Installing RSAT on Microsoft Windows Vista Service Pack 2
You cannot install Remote Server Administration Tools (RSAT) on Microsoft Windows Vista Service Pack 2 although RSAT is supported on Service Pack 2. To work around this issue, install RSAT on Microsoft Windows Vista Service Pack 1, and then upgrade to Microsoft Windows Vista Service Pack 2. For more information about this issue, see the Microsoft Web site. (DOC270814)
Installing the GPA Console Using a Group Policy Object
If you use a GPO to deploy the GPA Console installation, ensure all prerequisites for installing the GPA Console are installed on the target computer prior to applying the GPO containing the GPA software package. If the computer does not meet the prerequisites, the GPA installation fails. (ENG252451)
Installing Additional GPA Components if You Remotely Install the GP Repository
If you remotely install the GP Repository and then run the setup program again on the local computer, the setup program displays upgrade windows rather than allowing you to add additional GPA components. This issue is caused by registry entries on the local computer for the remote database installation. (ENG263510)
To work around this issue:
NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact NetIQ Technical Support (www.netiq.com/support).
Security Filtering Subcategories Always Inherit the View Category Permission
When applying the View Category permission, you can see that Apply to is always set to This object and child objects and this cannot be modified. If a user has that permission under a parent category where the top level is Domain, the user will have the permissions for the whole domain. (ENG333413)
Some Menu Options Are Not Active in Interactive Search
When using the interactive search, you can now see the Undo checkout option. The Approve option is not available because there is no consolidation of menu items. (ENG336240)
Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.
For detailed contact information, see the Support Contact Information Web site.
For general corporate and product information, see the NetIQ Corporate Web site.
For interactive conversations with your peers and NetIQ experts, become an active member of Qmunity, our community Web site that offers product forums, product notifications, blogs, and product user groups.
THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU.
For purposes of clarity, any module, adapter or other similar material ("Module") is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions.
This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data.
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.
U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement.
© 2014 NetIQ Corporation and its affiliates. All Rights Reserved.
For information about NetIQ trademarks, see http://www.netiq.com/company/legal/.