Group Policy Blog

Modifying Default GPO Permissions at Creation Time

Now that we are all digging out from MS16-072, and the reality that it likely won’t be “fixed” anytime soon, I think it’s worthwhile to drop a quick blog post about how you can ensure that all GPOs that get created going forward in your environment, get the proper read permissions on them. A long … Read More.

MS16-072 – GP Permissions and an overview

Hello Group Policy fans enthusiasts happy people! Darren and I had a quick discussion about his script to remediate the problems created by applying MS16-072 and GP processing. Read Darren’s previous post for context but here is a recording of our discussion. Have a good day and happy troubleshooting! Kevin

New Group Policy Patch MS16-072– “Breaks” GP Processing Behavior

This morning I woke up to an email from a fellow Group Policy MVP–Martin Binder–warning that folks were seeing GP Processing issues after the recent slew of Patch Tuesday updates were applied. Indeed, I had noted late on Tuesday via Twitter that there was a fix to GP in this latest round of patches, that prevents … Read More.

Migrate Windows Firewall and AppLocker to Desired State Configuration

If you’ve followed this blog for a while, you know that about a year ago, I described a PowerShell script I wrote that migrates Group Policy Administrative Template settings to PowerShell Desired State Configuration Documents. I finally got around to updating this script, with help from our VP of Product Management–Kevin Sullivan. You can find … Read More.

Welcome Walt Ramick

SDM Software is extremely excited to have Walt Ramick join our team leading both our tactical and strategic sales efforts. Walt has been involved with organizations selling enterprise software and services for over a decade and brings a wealth of knowledge around the sales process and is excited to help SDM meet and exceed expectations. From Walt – … Read More.

Windows Nano Server–The “Group Policy-less Future?”

It’s been about a year since Microsoft first announced plans to deliver Nano Server–a new SKU of Windows Server that is essentially a highly stripped down version of the OS, optimized for cloud/data center environments and container/micro-service workloads. What does that mean? It means that in the future world of cloud-based Windows server, applications will increasingly … Read More.

Group Policy Security Compliance with PowerShell

Last year we shipped the Group Policy Compliance Manager (GPCM) product–our enterprise compliance reporting solution for Group Policy. Today we are releasing a new PowerShell module to go along with GPCM. This module allows for some cool capabilities for searching, reporting on and analyzing the data that GPCM collects. GPCM gathers Group Policy processing health and settings data … Read More.

GP Automation – Folder Options/Open With

OK, so this is not a ‘new’ story but it is an interesting one. Since the first script kitties were writing viruses that did nefarious things we had ways to ensure we could limit their impact. Redirecting .vbs to notepad was super common. I saw a tweet today from one of the PS-OGs (PowerShell Original … Read More.

DevOps and the Cross Platform Windows Group Policy SDK

Group Policy’s Cross Platform History It was the early 2000s. I was at Quest Software–serving as CTO for the Windows management business. A lot of my job in those days involved looking at technologies to acquire. Even at that time, I had been a Group Policy geek for a few years, with some large enterprise deployments … Read More.

Group Policy Automation and Dell Authentication Services

As you may have heard last week, or seen in our newsletter, or read graffiti’d all over the New York subway system, our Group Policy Automation Engine (GPAE) has added support to help organizations manage their Unix systems with Group Policy! OK, maybe that is a stretch, but it was in our newsletter! We are … Read More.