Group Policy Blog

Protecting Active Directory–Making AD and Group Policy Less “Visible” to Attackers

A couple of weeks ago, I gave a webinar for Semperis, on the topic of protecting AD from attackers. I presented 5 tips on the things you can do within your AD and Windows environments, to protect against “information exposure” that might allow an attacker to find paths of higher privilege within your AD environments. […]

How To Think About Windows Group Policy–An Infrastructure Architect’s Take

Long before I got into the software business, and even during that time, I was first and foremost, an IT guy. I have spent nearly 20 years of my 30+ years in technology in IT–mostly in large organizations. Much of that time, I worked as an infrastructure architect, focusing on how to maintain and improve […]

Take the Group Policy Usage Survey!

All- Over the past few years, I’ve sent out a survey to the general population looking at trends in Group Policy usage. I’ve updated the survey for this year and it is now live and ready for your responses. It should take only about 5 minutes or less to complete, but if you have a […]

New Version of the Group Policy GPMC PowerShell Module

One of the very first freeware projects I undertook when I started SDM Software, was to build a PowerShell snap-in (yes, they were called snap-ins back then) for Group Policy. That was back in 2007, long before Microsoft had their own Group Policy module (<cough> a total ripoff of ours <cough>). Anyway, it’s been several […]

“Hip” New Active Directory-Azure AD Conference Coming!

If you‘ve been in the Microsoft infrastructure scene for a while, you probably remember the original NetPro Directory Experts Conference (DEC). DEC was THE conference to be at if you were an AD guy–or looking to improve your skills. Legends in the space like Joe Richards (of fame), Dean Wells (now of Microsoft), Guido […]

Removing Extra Registry Settings from GPOs

I recently had someone ask if there was a way to get rid of those pesky “Extra Registry Settings” that sometimes appear in a GPO settings report in GPMC. You know, the ones that look like this:             These settings arise within the Administrative Templates section of the GPO’s namespace […]

GPO Migrator 1.6 is Here–Make Quick Work of GPO Migrations and Reorganizations!

We’re happy to announce the general availability of GPO Migrator 1.6. GPO Migrator is SDM Software’s product for allowing “drag and drop” migration and reorganization of settings across GPOs. Whether you’re doing a domain clean-up or a migration or consolidation into a new AD domain, GPO Migrator greatly reduces the time and effort required to […]

A New, Old Threat: Dealing with AD and Group Policy Information Exposure

Delegation–A Blessing or a Curse? I’ve been wanting to sit down and write this blog post about AD information exposure for a couple of weeks now, and am finally finding the time to do so. For those of you who follow my blog, you know that I posted nearly a year ago after a visit […]

Sick of WannaCry? Don’t Read This…

I saw a humorous tweet today that said something to the effect that the number of blog posts about the recent “WannaCry” ransomware attack have now exceeded the number of infected machines. I am loathe to add truth to that saying, but I, of course, have something to say about it, so here we go… […]

ADMX Files for Windows 10 Build 1703 “Creators Update” Now Available

Now that the Windows 10 “Creators Update” is available, Microsoft has made the ADMX files for this new Windows 10 release available for download. As I mentioned in my last blog post, you can no longer guarantee that new ADMX files are backward compatible with the previous versions. So, how do you try out these […]