Add The ‘Group Policy Management Console’
Nov06

Add The ‘Group Policy Management Console’

KB ID 0001615 Problem On a Domain Controller you will get Group Policy Management, (by default) listed under administrative tools. But if you have a ‘Management Server’ of a ‘Jump Box’, that you want to install the tool onto, (without making it a domain controller!) Then do the following; Option 1: Install GPMC with Powershell This is the quickest and simplest option! Open a PowerShell Windows and execute the...

Read More
Windows Group Policy – Disable The Local Windows Firewall
Nov06

Windows Group Policy – Disable The Local Windows Firewall

KB ID 0001090 Problem I’ve got nothing against the Windows firewall, it’s certainly a lot easier to manage now than it was back in the XP SP2 days. But I find a lot of clients still just ‘want it gone’ and, providing they have a decent corporate firewall in front of them that’s fair enough. Solution 1. On a domain controller or a client running the remote administration tools > Windows Key+R >...

Read More
Group Policy Preferences and Client Side Extensions
Oct05

Group Policy Preferences and Client Side Extensions

KB ID 0000389 Problem Group Policy Preferences (GPP) first came in with Server 2008 and were enhanced for Server 2008 R2, To be able to apply them to older Windows clients, you need to install the “Client side Extensions” (CSE), You can either script this, deploy with a group policy, or if you have WSUS you can send out the update that way. OS Download Link Client side extensions for Windows XP (x86) link Client side...

Read More
Remote Desktop Services – Securing By Group Policy
Jun24

Remote Desktop Services – Securing By Group Policy

KB ID 0001211 Problem Note: This is not an exhaustive list, but it’s what I use when securing Remote Desktop Services, (Terminal Services) servers. Some of these settings are ONLY for Server 2012 R2 and later. If you have any settings you think are omitted, please comment below.   Solution User Access To RDS If you want to create a Domain security group for RDS users than please do so. BE AWARE the ‘Remote Desktop...

Read More
Windows – Open a Firewall Port with Group Policy
Jan17

Windows – Open a Firewall Port with Group Policy

Define Inbound Port Exceptions KB ID 0000979  Problem For everyone who simply does not disable the Windows firewall, then you need to be able to manage what ports are open on your machines. The simplest way to do this is via group policy. This week I had to open TCP port 9503 on the local firewall of my McAfee Move Offload Servers. Below I will open that port on all my machines, but in production I will only apply the GPO to the OU...

Read More
Cisco WLC: EAP-TLS Secured Wireless with Certificate Services
Apr04

Cisco WLC: EAP-TLS Secured Wireless with Certificate Services

KB ID 0001420 Problem Ah certificates! If I had a pound for every time I’ve heard “I don’t like certificates”, I could retire! The following run through is broken down into the following parts; Setup the Cisco WLC (WLAN) Setup NAP (RADIUS). Setup Certificate Auto Enrolment. Setup Group Policy to Deliver the Wireless Settings. Note: If you are scared of certificates, sometimes it’s easier to setup password...

Read More