Where SMART Group Policy Admins come to get SMARTER

A service of PolicyPak Software. Making you (even more) awesome!

RECEIVE REGULAR TIPS AND
BREAKING GROUP POLICY NEWS.
SIGN UP FOR OUR NEWSLETTER!

Jun
22
2017

The Untold tale of Mark Minasi and Jeremy Moskowitz: A personal tale of me and my mentor (who is now retiring.)

If you don’t know who Mark Minasi is, then you don’t know Windows. Before I knew Mark personally, I would regularly encounter his books when I went from business to business during my old NT 3.5, 4.0 then Active Directory Consulting days. Then I read his articles in Windows NT magazine, which later had different names, and transformed into Windows IT Pro. Most memorable was “This Old Resource Kit”, which was often in the back of the magazine, and the article I always flipped to first. I first met Mark when I was doing some occasional writing for Windows NT […]

Jun
20
2017

Goodbye Security Compliance Manager, Hello Security Compliance Toolkit

Just in time for my next GP class, Microsoft announced the end of road for the “Security Compliance Manager.” But they also say Hello to the Security Compliance Toolkit. Here’s the quick blog entry from my Microsoft pal Aaron Margosis: https://blogs.technet.microsoft.com/secguide/2017/06/15/security-compliance-manager-scm-retired-new-tools-and-procedures/ So.. OK Got it. And I’m feverishly updating my GP Master Class to bring this new toolkit to you. What’s that? Don’t know what the Security Compliance Manager DID .. or how to make the MOST of the Security Compliance Toolkit for Group Policy? Well, NO PROBLEM .. Just COME to my Group Policy Master Class.. !! July 24-26 […]

Jun
18
2017

Kill more SMB using Group Policy

Item 1 (in case yo missed it.): Which wacky NAS and SAN and whatever.. items STILL use SMB1 and.. well.. oh well.. sorry. At least there’s this nice list! https://blogs.technet.microsoft.com/filecab/2017/06/01/smb1-product-clearinghouse/ Item 2: Annnnd.. another awesome article on how to use Group Policy to SMB1.. by my pal and Microsoft employee and security expert.. Aaron Margosis ! https://blogs.technet.microsoft.com/secguide/2017/06/15/disabling-smbv1-through-group-policy/

Jun
6
2017

XenServer, vCenter and vSphere all require SMB V1… so, I WannaCry.

Microsoft Posted a HUGE list of products which still have SMB1. Here’s the MEGA LIST. Then I also just got this email from my pal Webster who runs the famous Citrix-focused blog “The Accidental Citrix Admin” blog over at http://carlwebster.com/ If  Webster got zapped, you might get zapped too. Here’s the note: ” I disabled SMB V1 on both of my Synology NAS units. I run both vSphere 6.5 and XenServer 7.1 in my lab. Everything was fine since all the hosts already had connected to all their storage. Before I left for three back-to-back conferences, I shutdown EVERYTHING in my […]

Jun
5
2017

When using GP to disable SMB, it’s BOWSER, not BROWSER

I got this letter in the ol’ inbox.  I got explicit permission to share it with you from it’s author, with name included. A true warrior is one who makes mistakes, takes ownership of those mistakes, and then shares those mistakes with the world to make it a better place. Steven Stein, my hat is off to you. Here’s Steve’s letter to me, which I hope helps you out if you plan to kill SMB using GP using my previous post’s links. -email below- To my fave GP guy who I try to avoid bothering with useless trivia:   Here is […]