Group Policy Blog

Understanding the JASBUG Vulnerability and Group Policy

Earlier this week, Microsoft released a couple of patches that addressed vulnerabilities in our good friend Group Policy. First, I will say that it’s relatively rare to see such vulnerabilities directly effect Group Policy function, like this one does. That’s a good thing. That said, this one, while not trivial to exploit, is relatively serious […]

How Much Group Policy Lockdown is Too Much Lockdown?

I’m sure everyone has heard the phrase, “when you have a hammer, everything looks like a nail”. Sometimes Group Policy can be this way. I’ve been doing Group Policy now, for, well…a long time. Before that, I was an early aficionado of System Policy in NT 4.0 and the erstwhile Zero Admin Toolkit (ZAK). Through 20+ […]

Group Policy Loopback Everywhere?

Just the other day I was talking to a customer about Group Policy loopback. If you’ll recall, loopback is that feature in Group Policy processing that allows you to override a user’s *normal* user policy settings when they log into specific machines–such as kiosks or Remote Desktop Services/Citix XenApp servers or VDI systems, where it’s […]

Consolidating & Cleaning Up Group Policy — Best Practices

A fair bit of what we do here at SDM Software is helping folks get a handle on their Group Policy environments. Using products such as our GPO Reporting Pak, we’ve had lots of customers clean up and reduce the clutter (not to mention improve desktop performance) of their Windows desktop environments. We also do […]

My TechNet Radio Interview on Group Policy in Server 2012 (and more!)

Just a quick note to let folks know that the interview I gave with TechNet Radio about the changes for Group Policy in Server 2012/Windows 8 is up now at: In the interview, I talk to Microsoft Director Karen Forster about all manner of Group Policy related topics, including what’s new in Server 2012, […]

Best Practices for Group Policy Design Talk — Slides Posted

Last Tuesday, I gave a talk locally in San Francisco at the Pacific IT Pros monthly meeting, on “Best Practices for Group Policy Design”. It was largely based on the talk I gave at TechEd 2012 this past June, related to how to make good decisions around your GPO deployments. For those that missed my […]

Best Practices for GroupPolicy Design Talk from TechEd

Well, TechEd was great as usual–lots of Win8 info sloshing around as well as Azure everywhere, including the recent announcement that Microsoft will be offering “Infrastructure-as-a-Service” (IaaS) instances in Azure now, ala Amazon EC2. It will be interesting to see how that does, but could be a great option for Windows workloads in the cloud. […]