Control of USB devices with GPO's
A Utility of Policies, that is not normally used and is easy to set up, we could regulate the hardware that users connect to machines by using an Active Directory GPO, controlling for example the use of USB devices.
Tag: gpo
Importing/Exporting Local Policies from/to GPO Directives with 'LocalGPO'
The other day we installed Microsoft Security Compliance Manager, today we see that within its installation we have a command-line utility called LocalGPO. It will allow us to export the local policies of a computer to a GPO policy backup to later use them in the Active Directory or import from a GPO backup (Active Directory) to the home team, Useful for computers that can't belong to a domain, teams in DMZ…
Microsoft Security Compliance Manager – Hardening our servers
Microsoft Security Compliance Manager 2 is a repository of Microsoft security templates that we can apply to our servers or PCs on our network providing greater security, since these templates are predefined depending on the OS. and the services run by the target machine. The good thing is that we will be able to keep the templates always 'up to date’ through updates that we can download from the console. We will be able to import GPOs, More Baselines… we will be able to edit/duplicate them and to apply them to our environment we will export them.
Using VMware View GPO's 4.6
In this document, we'll look at the policies that we can apply at the Active Directory level to our VMware View environment, since we have various administrative templates to be able to manage the agents, clients, Servers, common configuration and especially if we need to optimize the PCoIP protocol. The document shows all the existing GPO's to be able to centrally manage our VMware View 4.6, Of course, in English 😉
Migrating GPO's between different domains
If we need to carry policies from one Active Directory to another and we don't have a trust relationship, or there is no possible communication between them, we could make a backup of the GPO's that we are interested in in the source domain and import them through the migration tables in the destination domain. This document is valid for migrating GPO's between any version of Windows Server, since 2000, 2003, 2003 R2, 2008 or 2008 R2; In this document we will see how to perform these steps.
Installing certificates for our users via GPO
In any organization, Our users need certificates to access certain websites, whether for your own authentication or on behalf of your company. The most normal thing is that it is? install the certificate on the computer with the logged-in user, which is a manual process and that we have to take into account when a new person enters the organization, or when we have to renew a certificate, We have to do this process as many times as necessary. Well, we can use the directives of our Active Directory to assign certificates to users fully automatically.
