Select Page

Hope everyone is having a great Summer (or Winter for you Southern Hemisphere folks)! We have been busy here at SDM, hence the lack of recent blog posts on my part. But I did want to drop a quick post to talk about our recent release of an incremental update to our Group Policy Change Auditing & Attestation product (GPAA). The 1.1 release shipped a couple of weeks ago, and provides a few new features, including explicit support for Windows Server 2012-R2 as well as some new attestation features, shown here:


Group Policy attestation options in GPAA 1.1

Group Policy attestation options in GPAA 1.1

Essentially what this new attestation feature provides, is the ability to automatically assign new GPOs to a particular owner as they get created, and have those owners perform attestation on them. If you’ll recall from previous postings on this product, GPO “attestation” can serve a couple of useful purposes. The first is to provide those IT shops who must show responsibility and periodic review¬†for key IT resources, like GPOs that do server hardening, to their auditors and compliance officers. The second purpose is to provide a way of preventing “GPO bloat” by associating any new GPOs that get created with an owner that must periodically re-affirm that the GPO is still useful and valid in the environment.

For both of these reasons, GPO attestation is a useful capability to provide, and in addition to the detailed Group Policy change auditing that we can do, GPAA can prove a powerful tool for your Group Policy management arsenal!