by Darren Mar-Elia | Feb 22, 2019 | Security-related
If you’ve been following this blog, you know that about 2 and half years ago, I started talking about Group Policy’s precarious role in the typical enterprise’s security posture. Many, if not most, AD shops use GP to perform security hardening on...
by Darren Mar-Elia | Feb 13, 2019 | Conferences
Hey folks! Just a quick note that I’m giving a talk next month in Chicago. This is a follow-on to the Semperis Hybrid Identity Protection (HIP) Conference that I spoke at last November. This Chicago “Tech Day” event is a one-day event on March 13th...
by Darren Mar-Elia | Oct 17, 2018 | Tips & Tricks
Hey Folks. It’s been too long since I posted here, so I thought I’d break my fast by posting something a bit meaty. Many moons ago, I created a whitepaper, which is on the Gpoguy portion of this site, that described how and where the various areas in Group...
by Darren Mar-Elia | Oct 1, 2018 | Whitepaper
(This article was originally written way back in the early 2000s. I’ve finally gotten around to updating it for the modern era 😊) Group Policy leverages a complex and sometimes inconsistent model when it comes to storing the settings that you specify within a Group...
by Darren Mar-Elia | Jul 10, 2018 | Security Policy
With this post and my last post, I guess I’m on a path of finding interesting ways to “break” AD. The last post related to AD denial of service and this one relates to an interesting way to get to privileged access on AD by gaining what would seem to...
