Group Policy Blog

Group Policy Tips, Tricks, and News from Darren Mar-Elia

Remediating Group Policy Preference Passwords

Group Policy Preference Password Remediation Utility

A little over two weeks ago, the United State Computer Emergency Readiness Team (US-CERT) issued a bulletin calling for admins to take action on an old issue that I’ve covered extensively in the past. The issue relates to the fact that there are several areas within Group Policy Preference (GPP) that used to allow you to enter user name and password information into the preference item, to b…

Group Policy Comment

Do you place ‘comments’ on your GPOs? Did you ever wonder how to manage these, or how they may be useful. I put up a quick post on my blog ( that walks through GP Comments and how to manage them.

It points back to SDM Software for deeper solutions with Group Policy Compliance Manager and Group Policy Auditing and Attestation but the walk through if focused on…

Group Policy Auditing & Attestation 2.0 Hits with new AD Group Attestation Feature

Last month we at SDM Software shipped the 2.0 version of our Group Policy Auditing & Attestation product. GPAA is our flagship product for helping you perform real-time compliance auditing, alerting, rollback and attestation of Group Policy Objects (GPOs). The product provides in-depth auditing of GPO changes on everything from new GPO creation to modification of individual GPO settings…

Group Policy Preferences in the Local GPO? Yes!

Viewing the gpt.ini on the local GPO

If you caught the webinar last week that Kevin Sullivan and I presented, you might have caught the “secret tip” I presented at the end of the show (you can catch the whole webinar recording here). In there, I promised to more fully document this tip, so I’m doing that to let everyone experience the fun! What is the tip? Well, as the title of this blog implies, Group Policy Preferences, which is…

Hello World!

Darren posted a very thoughtful item related to my joining SDM software. It was very nice and made me realize I have a lot of expectations to meet! I’m up for the challenge. I’ve known Darren Mar-Elia for about 13 years or so and have come to know him and how he thinks about software and solutions pretty well. He is one that is very committed to solving real problems that people and organizations…

Longtime Expert Microsoft Technologist Kevin Sullivan Joins SDM Software


I’m super excited to announce today that longtime friend, colleague and all around superstar in the Microsoft technology space, Kevin Sullivan, is joining SDM Software today as Vice President of Product Management and Business Development. Kevin was most recently Director of Sales Engineering with the great folks at Specops Software. Before that, Kevin held a variety of positions at…

Ghosts in the GPO Machine–Local Security Policy Changes on DCs

Using the MMC Security Templates snap-in to define custom local security policy

What would you say if I told that it was possible to accidentally write changes up to domain-based GPOs by simply making local security policy changes on your Domain Controllers?

I was emailed recently by a fellow techie, who was seeing some odd behavior at a site that he worked at. What was happening is that they had installed some vendor product on their domain controllers, and when they…

“Secure by Default” and Hardening Your Windows Configurations

Managing GPO Delegation

I had a good email conversation last week with someone on the PowerShell team at Microsoft, in the wake of the release of our Desired State Configuration CSE. The gist of his question was around how users could protect the configuration information held within the DSC documents that got deployed via Group Policy. He mentioned that “Secure by Default” should be the mantra for all things related to…

Desired State Configuration and Group Policy Come Together!

The DSC Group Policy Editor Extension

If any of you were at Microsoft’s Ignite conference last week, and caught the session I participated in around Group Policy, you might have heard me talk about an exciting new piece of technology related to PowerShell Desired State Configuration that we were releasing soon. Well, I’m happy to announce that it’s here! So, what is it?
Push, Pull and…GP?
If you’ve followed my blog over the past…

Group Policy Session at Microsoft Ignite Conference

Hi folks

I wanted to drop a quick note to remind those of you at Microsoft Ignite conference here in Chicago, that I’ll be presented a Group Policy session in about 45 minutes (9am local time) with fellow MVP Jeremy Moskowitz, in room S100 (that’s a ginormous room!) If you are at the show, definitely check it out. We’ll be talking about what’s new in GP in Windows 10 as well as provide som…

Copyright © 2015 SDM Software, Inc.
Site design by Social Media Ninjas