Audit GPO Changes
Audit GPO Changes KB ID 0001920 Problem If you are reading this your either replanning ahead (bravo!) or there’s been an incident that you are concerned about. If that is the case its important to remember that “you cannot audit retrospectively”* *Note: you can find out when GPOs were altered, but not by whom, with some simple PowerShell i.e. Get-GPO -All | Select-Object DisplayName, ModificationTime Group Policies are...
Windows – Firewall Group Policy
Firewall Group Policy KB ID 0000979 Problem For everyone who simply does not disable the Windows firewall, then you need to be able to manage what ports are open on your machines. The simplest way to do this is via firewall group policy. This week I had to open TCP port 9503 on the local firewall of my McAfee Move Offload Servers. Below I will open that port on all my machines, but in production I will only apply the GPO to...
Updating Domain Computer Objects with Last Logon and Machine Information
Last Logon KB ID 0001340 Problem I can’t really take the credit for this, I was at a client’s site a few weeks ago, and they were doing this. I thought ‘That’s cool, I’ll have a play with that when I get the chance”. Essentially, you update the description of the Computer object(s) in AD so that they list; The last user who logged on. What time they logged on. What AD ‘Site’ the machine...
How to track failed logon attempts in Active Directory
Track failed logon KB ID 0001209 Problem If a large number of failed logon attempts occur within a certain period of time, it could be an indication of a security threat, which is why it is important that organisations have a proactive means of auditing and monitoring whenever this happens. There are a number of ways you can perform this audit, one of which is using the native tools. Here, we will take you through the steps so that...
Printers “Some Of These Settings are Managed By Your Organisation”
Managed By Your Organisation KB ID 0001899 Problem When attempting to add a printer, or engage with the printer settings dialog, you may see. Some Of These Settings are Managed By Your Organisation Solution : Managed By Your Organisation This is usually because a policy is being applied, (or has been applied) that is making a change in your registry, to the following key. HKEY_CURRENT_USER > Software > Microsoft > Windows...
What GPO are Applied?
What GPO KB ID 0001898 Problem There are a number of reasons for you to test and demonstrate group policy application. Recently on Experts Exchange there was a question. where a user could not add a printer because those settings were “Controlled by their organisation’ but was pretty sure no printer GPOs were applied. Or you may simply be setting up a new GPO and it’s not applying, or not working as you would expect....
Windows 11 – Remove Search Adverts
‘Remove Search Adverts KB ID 0001897 Problem Why this has to be a ‘thing’ in a business version of Windows I’m not really sure, but if you want to remove these adverts from the Windows Search function. They are called ‘Search Highlights’ or ‘Dynamic Search Box’. Solution: Remove Search Adverts Option 1 Remove Search Adverts with Domain Group Policy In a domain envronment we can simply...
Exclude One Computer from GPO
Exclude One Computer from GPO KB ID 0001852 Problem You have a requirement that you want one computer (or a group of computers) NOT to have a specific GPO applied. If that is the case, then this is how to simply achieve that goal Note: The same procedure can be used to Exclude a GPO from one user (or a group of users). Solution : Exclude One Computer from GPO Let’s find the computer in question, in my case it’s called PNL-ZERTO-2022,...
Find Specific GPO Settings
Find Specific GPO Settings KB ID 0001850 Problem To find Specific GPO Settings are being applied, and which GPO is affecting which setting, you can generate an html report, there are two ways of doing this. You can either run the report on the affected machine, or if you do not have access, you can generate the same report on a domain controller (or any machine that has the group Policy Management console installed). Solution: Find...
Auto Update ADMX Files
Auto Update ADMX KB ID 0001824 Problem It’s been a long time since I ran through setting up a central policy definitiosn store. In that time, you’ve probably had to copy ADMX (and ADML) files into your central store manually. Microsoft updates typically DO download updates but puts them (usually) in C:\Windows\PolicyDefinitions, There’s probably a sensible reason for that. When someone cleverer than I has scripted...