Here’s an interesting article. Mostly because I wrote it, and also.. it is interesting. It answers the question of “Can I use non-Microsoft DNS with my Active Directory (and why you might want to.)” Check it out. http://www.esecurityplanet.com/network-security/must-you-use-microsofts-in-box-dns.html
So.. “Windows 13″ is out.. I mean… “Windows 10, Build 1607 Anniversary Edition” of course. And, it’s a pretty big update. To make your life easier I rounded up all the news about Group Policy and this build into one place. THIS PLACE. Here we go ! Item #1: Get the latest ADMX download https://www.microsoft.com/en-us/download/details.aspx?id=53430 Item #2: What to do with this ADMX download (video I made back in the day) https://www.youtube.com/watch?v=Q4DBdQo4XZs Item #3: Some Policy Setting items are ONLY in the Enterprise/Edu editions and NOT in Pro. Here’s that list so you don’t punch a wall, wondering why a […]
So on Patch Tuesday, Microsoft released a patch to prevent a theoretical “man in the middle attack” when GPOs are downloaded from your servers to your endpoints. Okay.. Fine. Sounds good. In fact, here’s the tech note on the problem. Fix for GP elevation https://technet.microsoft.com/library/security/ms16-072 But when that patch is applied, there is a “double increase” in security, one with an unintended consequence. That consequence is that SOME GPOs will no longer apply when you expected them to. You could call this a “breaking change”, but.. stick with me, I think Microsoft wanted this behavior updated. And it’s not TERRIBLE; it’s […]
Actually, this has three things: 1. AMA session replay. I did a super fantastic ASK ME ANYTHING (AMA) session with my hosts at AdminArsenal. It was super fun. The replay is here: https://www.youtube.com/watch?v=BibYm8KrgR4 2. Group Policy not in Nano Server (Not News to me), but I updated the Why GP is Not Dead Manifesto. Also, I already knew this, but apparently it was NOT known by some that Windows’ new Nano server has no Group Policy support. You’d think I’d be upset about this, but I’m not. Not even a little bit. As such, I’ve updated my “Why GP […]
You might have read the news that it’s no longer possible to use the built-in Group Policy SETTING to prevent access to the Windows Store starting in Windows 10 / 1511 with some updates. I don’t make the news, I just report it. The official article at Microsoft is ”Can’t disable Windows Store in Windows 10 Pro through Group Policy: https://support.microsoft.com/en-us/kb/3135657“. Except, good news.. turns out there IS a way to prevent Windows Store from running with Windows 10 Pro. Video: For more killer tips, be sure to sign up at http://www.gpanswers.com/register/ for the newsletter list to stay informed. For Group Policy training, […]
The GPanswers.com forum is closed now (thanks, spammers!)
But we encourage you to join us at LinkedIn in the “GPO Stuff” group.
Jeremy is regular there, and there is a reasonable system to prevent junk posts.
In all, we think it’s the right place to go for Group Policy-specific questions.
It’s a private group, but just JOIN it, and the owner should approve your request.
See you there !
-Jeremy Moskowitz, Group Policy MVP