그룹 정책 (GPO)
그룹 정책은 관리자가 중앙 위치에서 네트워크 전반의 사용자와 컴퓨터 구성을 관리할 수 있도록 하는 Microsoft Windows Active Directory의 기능입니다.
그룹 정책(GPO)은 Windows 환경의 설정을 중앙 집중식으로 관리하는 도구입니다. 비밀번호 복잡성 설정부터 각 컴퓨터의 바탕 화면 배경 강제 지정까지, 네트워크 전반에 걸쳐 다양한 정책을 적용할 수 있습니다.
graph LR
Center["그룹 정책 (GPO)"]:::main
Pre_active_directory["active-directory"]:::pre --> Center
click Pre_active_directory "/terms/active-directory"
Rel_active_directory["active-directory"]:::related -.-> Center
click Rel_active_directory "/terms/active-directory"
classDef main fill:#7c3aed,stroke:#8b5cf6,stroke-width:2px,color:white,font-weight:bold,rx:5,ry:5;
classDef pre fill:#0f172a,stroke:#3b82f6,color:#94a3b8,rx:5,ry:5;
classDef child fill:#0f172a,stroke:#10b981,color:#94a3b8,rx:5,ry:5;
classDef related fill:#0f172a,stroke:#8b5cf6,stroke-dasharray: 5 5,color:#94a3b8,rx:5,ry:5;
linkStyle default stroke:#4b5563,stroke-width:2px;
🧒 5살도 이해할 수 있게 설명
📜 Imagine a school where the principal can write a set of rules on a master board, and those rules automatically appear in everyone's notebook. Group Policy is that board—it's how a boss sets the 'rules of the road' for every computer in the company at once.
🤓 Expert Deep Dive
Group Policy relies on the Client-Side Extensions (CSE) on each Windows machine to pull and apply settings from the KDC/Domain Controller. GPOs are stored in two parts: the Group Policy Container (GPC) in Active Directory (stores metadata) and the Group Policy Template (GPT) in the SYSVOL share (stores actual settings files like Registry.pol). For troubleshooting, administrators use tools like gpresult and rsop.msc to determine the Resultant Set of Policy. Modern cloud-managed environments often supplement or replace traditional GPOs with Microsoft Intune (MDM) policies, which use a different delivery mechanism but achieve similar configuration goals.