Category Archives: Group Policy
Windows Server 2016’s November 2018 Quality Update brings several Active Directory fixes
Windows Server 2016’s November 2018’s Cumulative Quality Update, bringing the OS version to 14393.2639, offers a fix for an issue with Group Policy and a fix for an issue you might be experiencing on your Windows Server 2016-based Domain Controllers. About Windows Server 2016 Updates Microsoft issues two major updates each month for Windows […]
Passing Microsoft Exam 70-742: Identity with Windows Server 2016
There is a good and free way to prepare for Microsoft exam 70-742: Identity with Windows Server 2016. In the past years, I conducted webinars that can serve as a primer on Active Directory in terms of forests, domains, trusts, security and on Group Policy. They are not and were never intended as the sole […]
I’m presenting an Active Directory 101 course with Netwrix
I know from my own experience – the importance of Active Directory and its security can never be overestimated. So, I’ve teamed up with Netwrix to bring you an easy yet extensive update for your knowledge of Active Directory management and security principles. Therefore, this September, I’m hosting three consecutive webinars on Active Directory Domain […]
Security Thoughts: Vulnerability in Group Policy could allow elevation of privilege(MS61-072, KB3163622, CVE-2016-3223)
Yesterday, Microsoft released update 3163622 as part of its June 2016 Patch Tuesday to address an important vulnerability that affects Group Policy on Windows 10. About the vulnerability The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target […]
Security Thoughts: Microsoft Local Administrator Password Solution (LAPS, KB3062591)
As you might recall, Microsoft offered a solution to systems administrators to set the local administrator password on domain-joined devices using Group Policy Preferences, but ended the solution, almost a year ago, when the encoding mechanism was decoded and an attack was created towards this vulnerability (CVE-2014-1812). Introducing LAPS Yesterday, Microsoft introduced version 6 […]
Vulnerabilities in Group Policy could allow security policy bypassing (MS15-011, MS15-014, CVE-2015-0008, CVE-2015-0009)
For its February 2015 Patch Tuesday on Tuesday February 10, Microsoft has released two security bulletin to address issues in Group Policy that would allow an attacker using a Man-in-the-middle (MitM) approach to bypass security policies, by forging packets sent by Domain Controllers. The situation In many organizations, Group Policies are used to centrally […]
Security Thoughts: Passwords in Group Policy Preferences (CVE-2014-1812)
Last week, Microsoft released Security Bulletin MS04-025, including guidance and an update that resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if Active Directory Group Policy preferences are used to distribute passwords across the domain – a practice that could allow an attacker to retrieve and decrypt the […]
Get started with managing Windows 8.1 and Windows Server 2012 R2 through Group Policies
Last year, I posted Three useful ways to get started with Group Policy in Windows 8 and Windows Server 2012. With the release of Windows 8.1 and Windows Server 2012 R2 last month, it’s time to look at managing Microsoft’s latest and greatest Operating Systems: Windows 8.1 and Windows Server 2012 R2 offer a lot […]
KnowledgeBase: Group Policy Management Console (GPMC) reports a Processing Error while trying to detect Domain Controllers
Earlier this month, Microsoft released KnowledgeBase article 2891966. In this article, Microsoft engineers describe an issue when you open the Group Policy Management Console (gpmc.msc) and check the status of Active Directory and SYSVOL (DFSR) replication for the domain as it relates to Group Policy.
KnowledgeBase: Group Policy Preferences for Local Users and Groups fails with Event ID 4098 on Windows 8 and Windows Server 2012
Last week, Microsoft released KnowledgeBase article 2890259. It describes an issue in Windows 8 and Windows Server 2012 with Group Policy Preferences for Local Users and Groups. In some circumstances, these Group Policy Preferences would not apply, resulting in events with EventId 4098 in the Windows Event Viewer (eventvwr.exe) on your domain-joined Windows 8-based device(s) […]
Login