Disabling IPv6
Disabling IPv6 KB ID 0001832 Problem Stop! Why do you want to disable IPv6? I see this regularly in forums, with other unusual statements like “If you’re not using it disabling it” or “It’s just another attack vector, disable it.” Well unless you’re running Windows XP and Server 2012 you’re using IPv6. If something does not work and disabling IPv6 fixes it, then it’s usually...
Windows Remote VPN no DNS
VPN no DNS KB ID 0001402 Problem I’ve been setting up a VPN solution on the test bench as I’m looking at Always On VPN. When I noticed that I had a problem with my remote VPN connections on Windows. They would connect fine but I could not resolve any FQDNs for my domain? VPN no DNS Solution By default, all (Windows) VPN connections are ‘Force Tunnel’ (this means they have the option ‘Use default gateway...
Manually Update Windows Trusted Root Certificates
Manually Update Windows Trusted Root Certificates KB ID 0001831 Problem These days your trusted root certificates are simply updated with Windows Update, but what if your servers have no internet access? In this example I will manually update the root certs by downloading them on a machine WITH internet access then importing on another machine that has not. Bear in mind: If none of your machines have internet access they cannot check...
Windows LAPS
Windows LAPS KB ID 0001822 Problem We used to have Microsoft LAPS, now we have Windows LAPS! LAPS is a solution that lets’ you store admin passwords ‘elsewhere’ be that in your local Active Directory or Azure Active Directory*. Unlike previously, where you had to deploy/install client software, it’s now built into Windows from the following versions. Windows 11 22H2 – April 11 2023 Update Windows 11 21H2...
OneDrive GPO (Domain Group Policy)
OneDrive GPO KB ID 0001821 Problem The administrative template that you get with Win11 is somewhat out of date, so if you want to manage OneDrive with domain group policy your options are limited, if only there was a newer administrative template! Well, there is, and it gets updated and sent to you quite regularly. Microsoft just do a good job of hiding it. Solution OneDrive GPO Depending on your deployment the files you need can be...
Microsoft Edge Multiple Statup Pages (via GPO)
Microsoft Edge KB ID 0001818 Problem Controlling Microsoft Edge with Group Policy is pretty straight forward, you just need to ensure the msedge.admx and msedgeupdates.admx files have been added to your policy definitions store in the right folders. If you have no idea what I’m talking about, see the following article. Microsoft Edge on Server 2019/2016 (and Citrix) Then you can deploy group policies to your...