Group Policy Blog by Darren Mar-Elia (The “GPOGUY”)
What’s Next If You’re An AGPM User?
Hi everyone. You may have heard by now that Microsoft's venerable Advanced Group Policy Management (AGPM) tool will reach it's end of life next April 2026. What does this mean? When software reaches end of life it generally means that the vendor will no longer provide...
August Windows Update Breaks Item-level Targeting in GP Preferences
Just a quick one here folks, to let people know about a GP issue I heard about last week, that I've since learned was introduced as part of an August Windows update. The issue is as follows. In GP Preferences, there's an option to filter application of individual...
Managing Windows Services using Group Policy
Happy New Year! On Twitter recently (sorry, I can't bring myself to call it 'X') there was a thread about managing Windows Services using GP. The poster talked about using the setting area under Computer Configuration\Policies\Windows Settings\Security Settings\System...
How Can I Disable Group Policy Processing…Umm…On Purpose?
I have to say that after 25 years of messing around with Group Policy, I am constantly amazed by the new things I still learn about the technology and it's behavior. Especially when those things are substantial and weird. Such was my experience last week when a...
SDM Software Ships Change Manager for Group Policy 1.5–Includes Support for Intune Profile Change Control!
Here at SDM Software, we are committed to making management of your Windows configuration technologies easier and more secure. This is why we released version 1.0 of our Change Manager for Group Policy product last year--to provide a modern, easy-to-use and web-based...
SwiftSlicer Malware and Group Policy
You may have caught the recent article about a new malware variant, called SwiftSlicer--attributed to a Russian APT group--that is making its way around Active Directory environments. There's not a ton of details about how this malware is delivered, but the one detail...
New GP Preferences Vulnerabilities Patched in the latest Patch Tuesday
In case you missed it, there were three vulnerabilities related to GP Preferences in the latest October 2022 "Patch Tuesday". Specifically they were: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37994...
SDM Software Ships Modern Group Policy Change Control!
We are very happy to announce the release of the newest member of our Group Policy product family--Change Manager for Group Policy 1.0! CMGP, as we call it around here, brings GPO change control into the modern era, by providing a friendly, web-based user interface to...
Removing Orphaned Delegation on GPOs
One of the annoying things about Group Policy, is that delegations to GPOs are not cleaned up when the underlying security principal (e.g. user, computer or group) is deleted in Active Directory. For example, if you create a security filter on a GPO for a particular...
Using Tiered Administration for Group Policy Management
Well, I have to admit that it's been a while since I have found something interesting to blog about related to Group Policy. Despite the fact that the technology is still widely used, how much new can you say about something that's 21+ years old? Well, as many of you...