Where SMART Group Policy Admins come to get SMARTER

A service of PolicyPak Software. Making you (even more) awesome!

RECEIVE REGULAR TIPS AND
BREAKING GROUP POLICY NEWS.
SIGN UP FOR OUR NEWSLETTER!

Jun
6
2017

XenServer, vCenter and vSphere all require SMB V1… so, I WannaCry.

Microsoft Posted a HUGE list of products which still have SMB1. Here’s the MEGA LIST. Then I also just got this email from my pal Webster who runs the famous Citrix-focused blog “The Accidental Citrix Admin” blog over at http://carlwebster.com/ If  Webster got zapped, you might get zapped too. Here’s the note: ” I disabled SMB V1 on both of my Synology NAS units. I run both vSphere 6.5 and XenServer 7.1 in my lab. Everything was fine since all the hosts already had connected to all their storage. Before I left for three back-to-back conferences, I shutdown EVERYTHING in my […]

Jun
5
2017

When using GP to disable SMB, it’s BOWSER, not BROWSER

I got this letter in the ol’ inbox.  I got explicit permission to share it with you from it’s author, with name included. A true warrior is one who makes mistakes, takes ownership of those mistakes, and then shares those mistakes with the world to make it a better place. Steven Stein, my hat is off to you. Here’s Steve’s letter to me, which I hope helps you out if you plan to kill SMB using GP using my previous post’s links. -email below- To my fave GP guy who I try to avoid bothering with useless trivia:   Here is […]

May
30
2017

Prevent Wannacry using Group Policy

In the effort of “not repeating excellent work of others” … here are two articles to help you turn off SMB 1 via Group Policy: https://blogs.technet.microsoft.com/staysafe/2017/05/17/disable-smb-v1-in-managed-environments-with-ad-group-policy/  http://www.grouppolicy.biz/2017/03/how-to-disable-smb-1-on-windows-7-via-group-policy/  It doesn’t take much, and you should do it.. yesterday. You should also start thinking about how to block attacks that users themselves (or even slightly tired IT people) can click upon and wreck their networks. I humbly suggest you check out PolicyPak Least Privilege Manager and our SecureRun feature. Here are two videos showing you you could have prevented the attack in the firstplace: https://www.policypak.com/video/stop-cryptolocker-and-other-unknown-zero-day-attacks-with-policypak-secureruntm.html  https://www.policypak.com/video/policypak-elevate-scripts-and-java-jar-files.html   

Apr
25
2017

EMET is gone for Windows 10. Here’s what to do next.

Very interesting and geeky article about how to use Group Policy in Windows 10 to prevent memory attacks. The kind that EMET on Windows 7 provided, but is not available anymore for Windows 10. Here’s the article at Microsoft.  

Apr
18
2017

What’s new in ADMX and Group Policy for Windows 1703 Creators Edition

The new ADMX files are ready for download. You can get them here from Microsoft: https://www.microsoft.com/en-us/download/details.aspx?id=55080 Here’s my (usual) advice: 1. If you don’t have a central store, please first watch this video I made on it. 2. If you already have a central store, leave what’s already there, and then overwrite anything NEW from the download on top of what you ALREADY have. 3. Install these ADMX files… even if you have no Windows 10 at all, and/or even if you have no Windows 10 1703. Just.. use them. 4. Is this advice perfect for everyone? No; but for 99.98% […]