Group Policy Blog by Darren Mar-Elia (The “GPOGUY”)
Managing Windows Services using Group Policy
Happy New Year! On Twitter recently (sorry, I can't bring myself to call it 'X') there was a thread about managing Windows Services using GP. The poster talked about using the setting area under Computer Configuration\Policies\Windows Settings\Security Settings\System...
How Can I Disable Group Policy Processing…Umm…On Purpose?
I have to say that after 25 years of messing around with Group Policy, I am constantly amazed by the new things I still learn about the technology and it's behavior. Especially when those things are substantial and weird. Such was my experience last week when a...
SDM Software Ships Change Manager for Group Policy 1.5–Includes Support for Intune Profile Change Control!
Here at SDM Software, we are committed to making management of your Windows configuration technologies easier and more secure. This is why we released version 1.0 of our Change Manager for Group Policy product last year--to provide a modern, easy-to-use and web-based...
SwiftSlicer Malware and Group Policy
You may have caught the recent article about a new malware variant, called SwiftSlicer--attributed to a Russian APT group--that is making its way around Active Directory environments. There's not a ton of details about how this malware is delivered, but the one detail...
New GP Preferences Vulnerabilities Patched in the latest Patch Tuesday
In case you missed it, there were three vulnerabilities related to GP Preferences in the latest October 2022 "Patch Tuesday". Specifically they were: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37994...
SDM Software Ships Modern Group Policy Change Control!
We are very happy to announce the release of the newest member of our Group Policy product family--Change Manager for Group Policy 1.0! CMGP, as we call it around here, brings GPO change control into the modern era, by providing a friendly, web-based user interface to...
Removing Orphaned Delegation on GPOs
One of the annoying things about Group Policy, is that delegations to GPOs are not cleaned up when the underlying security principal (e.g. user, computer or group) is deleted in Active Directory. For example, if you create a security filter on a GPO for a particular...
Using Tiered Administration for Group Policy Management
Well, I have to admit that it's been a while since I have found something interesting to blog about related to Group Policy. Despite the fact that the technology is still widely used, how much new can you say about something that's 21+ years old? Well, as many of you...
SDM Software and CVE-2021-44228
We've had several customers ask us about the very widely reported CVE-2021-44228 "Log4j" vulnerability. We have reviewed our products and confirmed that none of SDM Software's solutions use or rely on Log4j for any functions and therefore are not subject to this...
Understanding Group Policy Behavior When a Computer or User is Moved in Active Directory
A question came up on Twitter the other day related to how Group Policy behaves on a given client, when you move either the computer or user account in Active Directory. As we know, the Group Policy that applies to a computer or user is a function of what GPOs are...