resources:courses:gws_c2
差别
这里会显示出您选择的修订版和当前版本之间的差别。
| 两侧同时换到之前的修订记录前一修订版后一修订版 | 前一修订版 | ||
| resources:courses:gws_c2 [2025/01/22 17:57] – jackiez | resources:courses:gws_c2 [2025/01/23 13:43] (当前版本) – jackiez | ||
|---|---|---|---|
| 行 81: | 行 81: | ||
| ## 练习3 | ## 练习3 | ||
| 配置合规性政策 | 配置合规性政策 | ||
| + | IT经理想遵循Google的最佳实践,一个是在邮件末尾添加合规脚注(对外邮件),另一个是禁止用户收到包含视频,多媒体或是音乐附件的外部邮件。 | ||
| + | {{: | ||
| + | {{: | ||
| + | 附件设定如下: | ||
| + | {{: | ||
| + | {{: | ||
| + | {{: | ||
| + | 确认效果: | ||
| + | {{: | ||
| + | {{: | ||
| + | ## 测试2 | ||
| + | < | ||
| + | - **Modify message** | ||
| + | - **Reject message** | ||
| + | - Deliver message | ||
| + | - **Quarantine message** | ||
| + | < | ||
| + | - Create a personal email alias | ||
| + | - Name format (eg. First, Last) | ||
| + | - **Add POP3 accounts to the user's inbox** | ||
| + | - **Display language for the Gmail interface** | ||
| + | < | ||
| + | - **Default language** | ||
| + | - Name format | ||
| + | - Allow users to delegate access to their mailbox | ||
| + | - Allow users to set Gmail themes | ||
| + | ## 练习1 | ||
| + | 设置日历共享 | ||
| + | 公司想允许内部,但禁止外部共享日历,对外只能显示闲/ | ||
| + | {{: | ||
| + | 默认对外只显示闲/ | ||
| + | {{: | ||
| + | 再设定第二日历,对外只显示闲/ | ||
| + | {{: | ||
| + | < | ||
| + | 而Secondary日历,通常用于组织特定类型的事件,如PJ会议,假期安排或个人兴趣爱好等,可以根据需要创建,删除,隐藏或分享Secondary日历,可以为不同Secondary日历设定不同的访问权限 。</ | ||
| + | ## 练习2 | ||
| + | 设置日历资源 | ||
| + | 所有用户可以预订会议室,但是Boardroom只有Ellie可以预定,这类似于役员会议室只有高管可以预定一样。 | ||
| + | 试用的Business Plus版本好像无法查看练习步骤中的内容,这个练习跳过。 | ||
| + | ## 测试3 | ||
| + | < | ||
| + | - **Bookable conference rooms** | ||
| + | - Contacts | ||
| + | - **Bookable equipment** | ||
| + | - Calendar dates | ||
| + | |||
| + | < | ||
| + | - Users control what they share externally from their secondary calendars | ||
| + | - Users control what they share externally from their primary calendar | ||
| + | - Users can create their own resources | ||
| + | - **Users control what they share internally** | ||
| + | |||
| + | < | ||
| + | - **Default level of internal sharing for primary calendar** | ||
| + | - Calendar delegation to other users | ||
| + | - **Highest level of external sharing for primary calendars** | ||
| + | - Access to individual calendar labs | ||
| + | - Time zone selections for calendar display | ||
| + | |||
| + | < | ||
| + | - **Features** | ||
| + | - Groups to provide access to each resource | ||
| + | - Locations | ||
| + | - **Buildings** | ||
| + | |||
| + | ## 练习1 | ||
| + | 允许用户将资料分享给外部,但不允许发布到网上。内部分享,则是只要有Link就可以查看。 | ||
| + | {{: | ||
| + | 参考资料: | ||
| + | 1.[[https:// | ||
| + | 2.[[https:// | ||
| + | {{: | ||
| + | 放开Link分享,主要基于2点考虑: | ||
| + | - 便于内部分享,但外部获得链接也无法打开,因为需要组织账户的登录 | ||
| + | - 文档的链接不容易出现在搜索结果中(如果大家都用Notion的话,这个搜索结果有可能包含文档链接) | ||
| + | < | ||
| + | {{: | ||
| + | 设定白名单,会自动跳转到这里 | ||
| + | {{: | ||
| + | ## 练习2 迁移所有权 | ||
| + | 文档可以有许多Editor和Viewer,但同一时间只能有一个Owner。默认创建者是Owner,但可以转移。 | ||
| + | {{: | ||
| + | < | ||
| + | 2个人都会收到邮件通知 | ||
| + | {{: | ||
| + | ## 练习3 | ||
| + | 恢复被删除的文件 | ||
| + | 你可以恢复最远25天前删除的文件。 | ||
| + | 使用Tim的账号,新建一个表格文件,然后放入回收站,再清空 | ||
| + | {{: | ||
| + | 再用管理员账号,为Tim恢复数据 | ||
| + | {{: | ||
| + | {{: | ||
| + | 等了几分钟还没恢复,静观 | ||
| + | ## 练习4 | ||
| + | 允许文档的离线访问 | ||
| + | 对于海外出差的人来说,这个就类似于本地保存(DSFolder) | ||
| + | {{: | ||
| + | 默认是打开的 | ||
| + | 参考资料:[[https:// | ||
| + | 问题:Sam可以使用Firefox来访问他的离线文档吗? | ||
| + | - 不可以,必须使用Chrome或是Edge浏览器,且不要使用无痕浏览。 | ||
| + | |||
| + | 问题:Sam需要安装什么app | ||
| + | - 需要安装Google文档离线功能的Chrome扩展 | ||
| + | |||
| + | 问题:Sam需要采取哪些步骤 | ||
| + | - 打开GoogleDrive | ||
| + | - 设置,离线设置 | ||
| + | {{: | ||
| + | {{: | ||
| + | ## 练习5 | ||
| + | 谷歌硬盘桌面版,允许用户自己安装。 | ||
| + | {{: | ||
| + | {{: | ||
| + | ## 练习6 | ||
| + | 创建共享Drive | ||
| + | {{: | ||
| + | 使用Tim的账号创建共享Drive | ||
| + | {{: | ||
| + | 然后添加共享对象 | ||
| + | < | ||
| + | ## 练习7 | ||
| + | {{: | ||
| + | 在Drive and Docs> | ||
| + | 这里取消勾选,然后保存。 | ||
| + | 再用Tim账号登录,发现已经变成灰色,不能更改了。 | ||
| + | {{: | ||
| + | {{: | ||
| + | ## 测试4 | ||
| + | < | ||
| + | - **Require a Google sign in when viewing a shared file** | ||
| + | - **Enable the feature that warns users when sharing outside the organization** | ||
| + | - Allow users to share publicly | ||
| + | - Ensure users are only allowed to share with users in the global directory. | ||
| + | |||
| + | < | ||
| + | - Have users save their docs to a Google Group that everyone belongs to | ||
| + | - Have users save their docs to a shared drive that everyone belongs to | ||
| + | - **Change Link Sharing Defaults to "ON - Primary target audience with the link" | ||
| + | - Have users save their docs to a My Drive folder that is shared with everyone | ||
| + | |||
| + | < | ||
| + | - From the user's My Drive folder | ||
| + | - The user's profile in the admin console | ||
| + | - **From the Drive and Docs service settings page** | ||
| + | - **When deleting a user from the admin console** | ||
| + | |||
| + | <q>A user left your company last month and you deleted their Google Workspace account 15 days ago. You have been contacted as the administrator and asked if you can recover the deleted user's documents. What should you do?</ | ||
| + | - Advise the requester that you cannot restore a deleted user's files. | ||
| + | - Advise the requestor that 14 days after account deletion, all data is purged so you cannot recover any documents | ||
| + | - **Restore the user, transfer the files to a new owner, and delete the user again.** | ||
| + | - Restore the files from the deleted user's account | ||
| + | |||
| + | < | ||
| + | - **View drive contents** | ||
| + | - Manage members | ||
| + | - Delete a shared drive | ||
| + | - Restore a deleted drive or files | ||
| + | - Manage shared drive sharing settings | ||
| + | |||
| + | ## 练习1 | ||
| + | 设定MobileDevicePolicis | ||
| + | 背景是公司要搞BYOD | ||
| + | {{: | ||
| + | {{: | ||
| + | {{: | ||
| + | {{: | ||
| + | {{: | ||
| + | ## 练习2 | ||
| + | 登录一个MobileDevice | ||
| + | 这个练习只适合于安卓手机,所以跳过(公司也全换成苹果手机了) | ||
| + | ## 练习3 | ||
| + | 处理纷失或被入侵手机 | ||
| + | 这个也没有实操条件,略 | ||
| + | ## 测试5 | ||
| + | < | ||
| + | - Apps | ||
| + | - Company profile | ||
| + | - Mobile Management | ||
| + | - **Devices** | ||
| + | |||
| + | < | ||
| + | - **Android work profiles** | ||
| + | - **Device approvals** | ||
| + | - Android app management | ||
| + | - Remote account wipe | ||
| + | |||
| + | < | ||
| + | - Add a compliance rule | ||
| + | - **Add a device management rule** | ||
| + | - Add a data loss prevention (DLP) rule | ||
| + | - Any of the options here | ||
| + | |||
| + | <q>An end user in your organization has lost their device. This is a personal device with a work profile. Based on this training, what would be your next step?</ | ||
| + | - Suspend the user | ||
| + | - Immediately get your user a new mobile device | ||
| + | - **Wipe the device to remove the user's work profile** | ||
| + | - Ask the user where they think they lost the device, and wait for them to find it | ||
| + | |||
| + | ## Google Vault | ||
| + | 主要用于组织数据的Archive和E-Discovery和法令要求,它支持Gmail, | ||
| + | ## 练习1 | ||
| + | {{: | ||
| + | {{: | ||
| + | {{: | ||
| + | 这是对高管们的Gmail,对一般用户,执行1年有效 | ||
| + | {{: | ||
| + | ## 练习2 | ||
| + | 在Vault中,Matter是一个容器,保存某一主题相关的所有数据,比如公司内调查,它包括 | ||
| + | - Saved search queries | ||
| + | - A list of accounts with data on litigation hold | ||
| + | - A list of the accounts that can access the matter | ||
| + | - Export sets for the matter | ||
| + | - An audit trail for the matter | ||
| + | |||
| + | ## 练习3 | ||
| + | {{: | ||
| + | {{: | ||
| + | 然后可以导出结果 | ||
| + | {{: | ||
| + | 类似的搜索条件,可以创建Hold | ||
| + | {{: | ||
| + | ## 练习4 | ||
| + | 搜索和导出,上面已经做过了,略 | ||
| + | |||
| + | ## 测试6 | ||
| + | < | ||
| + | - **15 days** | ||
| + | - Indefinitely | ||
| + | - 30 days | ||
| + | - Until the matter is closed | ||
| + | |||
| + | < | ||
| + | - **Organizational Unit (OU)** | ||
| + | - **Data Type (Mail, Drive etc)** | ||
| + | - Domain | ||
| + | - **Specific Accounts** | ||
| + | |||
| + | < | ||
| + | - **Only when there are no applicable custom retention rules or holds in place** | ||
| + | - Always unless the user is on hold | ||
| + | - Always unless a custom retention rule applies | ||
| + | - Always, default retention rules take precedence over custom retention rules and holds | ||
| + | |||
| + | < | ||
| + | - Contacts | ||
| + | - Blogs | ||
| + | - **Groups** | ||
| + | - **Drive** | ||
| + | - **Meet** | ||
| + | |||
| + | ## 练习1 | ||
| + | 各类Reports,自行查看,略 | ||
| + | ## 练习2 | ||
| + | {{: | ||
| + | {{: | ||
| + | {{: | ||
| + | 显示结果: | ||
| + | {{: | ||
| + | |||
| + | ## 练习3 | ||
| + | 新建Email报警, | ||
| + | {{: | ||
| + | |||
| + | < | ||
| + | 但Reporting Rules可以创建 | ||
| + | {{: | ||
| + | {{: | ||
| + | |||
| + | ## 练习4 | ||
| + | Email日志搜索 Email Log search, | ||
| + | {{: | ||
| + | |||
| + | ## 测试7 | ||
| + | < | ||
| + | - Scope | ||
| + | - Scope and Actions | ||
| + | - **Actions** | ||
| + | - Condition | ||
| + | |||
| + | < | ||
| + | - **Admin audit log** | ||
| + | - Refer to the audit log for each service and build an aggregated report | ||
| + | - Use a BigQuery export | ||
| + | |||
| + | < | ||
| + | - **Apps usage** | ||
| + | - Admin account status | ||
| + | - **Users account status** | ||
| + | - **External file sharing** | ||
| + | |||
| + | ## 域名别名 | ||
| + | 它能给所有用户提供多一个邮件地址 | ||
| + | ## 练习1 | ||
| + | 添加域名别名和新增域 | ||
| + | 我手上目前确实还有2个域名,但添加域名所需的TXT记录等操作比较麻烦,就不做了。 | ||
| + | {{: | ||
| + | {{: | ||
| + | |||
| + | ## 练习2 | ||
| + | 信赖一个域 | ||
| + | 互相信赖的两个域之间,可以共享GoogleDrive文件。 | ||
| + | Admin> | ||
| + | < | ||
| + | 2.Primary域名的子域或别名不会被自动添加的,需要手动添加,每次最多添加200个</ | ||
| + | |||
| + | ## 测试8 | ||
| + | < | ||
| + | - **Add their primary domain, subdomains and any aliases to your list of trusted/ | ||
| + | - Add their primary domain to your list of allowed domains | ||
| + | - Create a domain alias using their domain name in your Google Workspace account | ||
| + | - Add their domain name to your list of trusted domains | ||
| + | |||
| + | < | ||
| + | - Create a new Google Workspace account and add the domain as the primary domain for that account. | ||
| + | - **Add the new domain as a new (secondary) domain to your Google Workspace account.** | ||
| + | - Add the new domain as a subdomain to your Google Workspace account | ||
| + | - Add the new domain as a domain alias to your Google Workspace account. | ||
| + | |||
| + | < | ||
| + | - Domain aliases can be applied to the primary and any secondary domains from the admin console | ||
| + | - **Domain aliases do not require additional Google Workspace licenses** | ||
| + | - Domain aliases require additional Google Workspace licenses | ||
| + | - **Domain aliases can only be applied to the primary domain from the admin console** | ||
| + | |||
| + | ## 数据导入与导出 | ||
| + | 几种迁移工具 | ||
| + | ### 管理员用(多数人需求) | ||
| + | - GWMME: GWS Migration for Microsoft Exchange | ||
| + | - GWM: GWS Migrate | ||
| + | - GWMHN: GWS for HCL Notes | ||
| + | - DMS: Data Migration Service | ||
| + | |||
| + | ### 用户用(少数人需求) | ||
| + | - GWMMO: GWS Migration for Microsoft Outlook | ||
| + | - 其他账户导入,Calendar/ | ||
| + | |||
| + | ### 导出 | ||
| + | 管理员:导出Gmail, | ||
| + | 用户:导出Gmail,Calendar,Contacts等 | ||
| + | |||
| + | ## Troubleshooting GWS | ||
| + | - Status dashboard | ||
| + | - Connect with help Assistant | ||
| + | - View important alerts | ||
| + | - Search for help | ||
| + | - Contact Google support | ||
| + | |||
| + | 其他工具 | ||
| + | - Google admin toolbox [[https:// | ||
| + | - Browser Debugger | ||
| + | |||
resources/courses/gws_c2.1737536264.txt.gz · 最后更改: 2025/01/22 17:57 由 jackiez