Hope everyone is having a great Summer (or Winter for you Southern Hemisphere folks)! We have been busy here at SDM, hence the lack of recent blog posts on my part. But I did want to drop a quick post to talk about our recent release of an incremental update to our Group Policy Change Auditing & Attestation product (GPAA). The 1.1 release shipped a couple of weeks ago, and provides a few new features, including explicit support for Windows Server 2012-R2 as well as some new attestation features, shown here:
Essentially what this new attestation feature provides, is the ability to automatically assign new GPOs to a particular owner as they get created, and have those owners perform attestation on them. If you’ll recall from previous postings on this product, GPO “attestation” can serve a couple of useful purposes. The first is to provide those IT shops who must show responsibility and periodic review for key IT resources, like GPOs that do server hardening, to their auditors and compliance officers. The second purpose is to provide a way of preventing “GPO bloat” by associating any new GPOs that get created with an owner that must periodically re-affirm that the GPO is still useful and valid in the environment.
For both of these reasons, GPO attestation is a useful capability to provide, and in addition to the detailed Group Policy change auditing that we can do, GPAA can prove a powerful tool for your Group Policy management arsenal!