Group Policy Blog by Darren Mar-Elia (The “GPOGUY”)
When Malware Abuses Group Policy
It's been a while since I've addressed this topic. Something like 9 years to be exact. But for sure, the problem of malware leveraging Group Policy to propagate itself is still very much alive. In the original article, an IT friend of mine mentioned something he saw...
Managing Windows Services Using Group Policy
On Twitter/X I saw a thread about managing Windows Services using Group Policy. The poster talked about using the setting area under Computer Configuration\Policies\Windows Settings\Security Settings\System Services to control Windows Service startup settings (e.g.,...
Mastering GPUpdate: Best Practices for Group Policy Refresh
Anyone who manages Group Policy (GP) knows about the gpupdate.exe utility that ships with Windows. GPUpdate’s job is to refresh Group Policy manually, rather than relying on Windows to do it on its own schedule. Specifically, it can be used to force the system to ask...
Using Custom ADMX Files in Microsoft Intune: When, Why, and What to Consider
As organizations move from traditional on-premises Group Policy to cloud-based device management with Microsoft Intune, a common challenge emerges: what to do with existing custom ADMX files. These files often represent years of investment in policy enforcement for...
Understanding the Role of ADMX Files in Group Policy
For more than two decades, administrators have relied on Group Policy to centrally manage and configure settings across users and computers within their domains. However, this powerful tool wouldn’t be of much use without the ADMX file, which defines and structures...
Intune Suite Expansion and Pricing Changes: A Strategic Inflection Point for IT Leaders
Microsoft recently announced plans to include Intune Suite capabilities in Microsoft 365 E3 and E5 licenses. This is really big news that customers have been asking for and about since the Intune Suite was announced a few years ago. It is a statement that the company...
Preventing PowerShell Pitfalls with Active Directory Expiration Dates
There is a reason why many Active Directory admins still use the GUI: it is simple and straightforward. On the other hand, scripts allow us to automate and scale AD tasks, which is also beneficial for admins. A classic example of this duality is working with dates...
New Add-On to GPO Migrator by SDM Software Empowers Tailored Group Policy Migration to Intune
Migrate selected settings, validate Intune support up front, and combine multiple GPOs into a single profile for cleaner policy management Cloud adoption means finding efficient ways to transition long-standing on-premises Group Policy Objects (GPOs) into Microsoft...
Group Policy Change Control FAQ
This Frequently Asked Questions (FAQ) article covers information about Windows Group Policy Change Control, Microsoft Advanced Group Policy Management retirement, and SDM Software's solutions for addressing this challenge. Q: Is there a solution that can completely...
What’s Next If You’re An AGPM User?
Hi everyone. You may have heard by now that Microsoft's venerable Advanced Group Policy Management (AGPM) tool will reach it's end of life next April 2026. What does this mean? When software reaches the end of life, it generally means that the vendor will no longer...