Group Policy Blog

Performing a Denial of Service on AD–How Hard Is it Really?

I was motivated to write this post based on a vendor blog that I read recently, that talked about ways to maliciously perform what amounted to a denial of service attack on AD. Ostensibly the post was designed to sell software, which I don’t begrudge, but it got me thinking–how easy is this to do, … Read More.

Protecting Active Directory–Making AD and Group Policy Less “Visible” to Attackers

A couple of weeks ago, I gave a webinar for Semperis, on the topic of protecting AD from attackers. I presented 5 tips on the things you can do within your AD and Windows environments, to protect against “information exposure” that might allow an attacker to find paths of higher privilege within your AD environments. … Read More.

GPO Migrator 1.6 is Here–Make Quick Work of GPO Migrations and Reorganizations!

We’re happy to announce the general availability of GPO Migrator 1.6. GPO Migrator is SDM Software’s product for allowing “drag and drop” migration and reorganization of settings across GPOs. Whether you’re doing a domain clean-up or a migration or consolidation into a new AD domain, GPO Migrator greatly reduces the time and effort required to … Read More.

Making Sense of Group Policy SYSVOL Mismatch Errors

When I was working on the update for our Group Policy Health Reporter freeware tool recently, I noticed a very annoying “feature” that Microsoft seemed to introduce into Group Policy on Windows 7 and 2008-R2 systems. I’m pretty sure it started when they released the infamous MS16-072 patch that I blogged extensively about last year. Namely, any health … Read More.

Just In Time for Microsoft Ignite–A Sneak Peek of GPO Migrator 1.0!

Well, Microsoft Ignite is happening next week, and SDM Software will be there in force, occupying Booth #671 on the show floor. And no conference would be complete without showing off new toys. In our case, the new toy is a shiny new product called GPO Migrator. We’ll be demonstrating the first public appearance of GPO … Read More.

Group Policy Security Compliance with PowerShell

Last year we shipped the Group Policy Compliance Manager (GPCM) product–our enterprise compliance reporting solution for Group Policy. Today we are releasing a new PowerShell module to go along with GPCM. This module allows for some cool capabilities for searching, reporting on and analyzing the data that GPCM collects. GPCM gathers Group Policy processing health and settings data … Read More.

A Peek Inside Registry.pol

Hello everyone! I posted a quick video on polviewer.exe. The tool called ‘Registry.pol Reader’ is a free tool Darren Mar-Elia built to solve a pretty important issue. And because he’s a great guy, there is that! The need for the tool is pretty obvious to those of us who have been managing and troubleshooting Group Policy … Read More.

Troubleshooting GP Processing tip

Troubleshooting is a bit of an art form. It requires creativity but that creativity needs to be expressed inside certain parameters. Those parameters depend on what is being troubleshot. (Is that really a word?) There is a TechNet article that has been around for quite a while called Troubleshooting Group Policy Using Event Logs and … Read More.

Spiceworld 2015 – Austin, TX!

Hi everyone! I hope you are well and you all had a great summer. I have to admit I’m torn, not quite enough Summer for me (or my kids) but I’m extremely excited to get back into a rhythm and get cranking on some great work this year. We have an amazing year planned at … Read More.

Group Policy Comment

Do you place ‘comments’ on your GPOs? Did you ever wonder how to manage these, or how they may be useful. I put up a quick post on my blog (http://scituated.blogspot.com) that walks through GP Comments and how to manage them. It points back to SDM Software for deeper solutions with Group Policy Compliance Manager … Read More.