Category: Group Policy
-
SCM is gone… Say Hi to SCT.
For the past several years nearly every client of mine (that I have consulted on Active Directory) has been introduced to the Microsoft Security Compliance Manager (SCM), a great tool that helped create Group Policy Objects (GPOs) for any number of Organizational Units (OUs), including Default Domain Policy, Domain Controller Policy, Client Workstation Policy, and…
-
Failover Cluster OUs
I recently created a proof of concept for a client that was built into their production environment. The POC required me to create a couple of failover clusters, so I got the names from the customer, and created them… like I’d done a thousand times before. Several weeks went by and the customer called me…
-
Folder Redirection: Where’d these warnings come from?
Congratulations. You have decided to implement a Folder Redirection policy on your domain. There are real advantages to this, not the least of which is that all of your users’ profile folders will get backed up centrally… and that when they change computers their files and settings are just there. You have created a Group…
-
1-2-3-4-5 BitLocker 9-8-7-6-5
I was sitting in a planning meeting with a client recently in which we were discussing ways of protecting end-user machines, especially laptops that were in and out of the office. The previous convention relied on BIOS locks that were proprietary to the hardware manufacturer, and required the end user to either enter two passwords…
-
A Do-it-Yourself SWMI? No sweat!
Ok, let’s be honest. We all know that we need to secure our Active Directory infrastructures, but many of us are not entirely sure how. You may even know that Group Policy is a great tool to do it centrally, but with literally thousands of Group Policy settings available in Windows Server 2008 R2, where…
The World According to Mitch 