Home
Resources
Training
About Us
eStore
<a href="http://www.isdecisions.com/en/software/userlock/?xtor=SEC-230"><img src="http://www.isdecisions.com/images/pubs/Randy/userlock.gif" alt="UserLock" border="0" /></a>

>

resources > articles > Group Policy

 

 

 

 

 

 

 

Latest Blog: WinReporter 4.0 Makes It Easy to Assess Attack Surface

  

Randy Franklin Smith - Articles on Group Policy

most recent | by year | by subject

Figuring Out Which GPO’s Policy Is Taking Precedence
Are you able to assign short or blank passwords even though your Default Domain Policy is set for stricter requirements? Find out which policy is overriding the Default Domain Policy. <more>

Controlling User Access to Removable Storage Devices. If you're worried about viruses or malware being introduced into your environment through removable storage devices, you'll be happy to know that Vista includes policies for controlling access to these devices. <more>

Creating a Domain Global Group Called Member Computer Local Admins. Don't give computers Domain Admins rights to deploy SMS to clients; if you do, both the computer and its administrator have full access to AD. <more>

Using Group Policy to Deploy an SCW-Developed Security Policy. Find out how to use Group Policy to deploy an SCW-developed security policy to many servers. <more>

Access Levels for Security Administrators. Ideally, security-monitoring and administrative responsibilities should be assigned to different people. Here's a framework for the access levels security administrators should have and some recommended tools to help them do their job. <more>

Preventing Users from Trusting CAs They Encounter While Browsing. Use this tip to prevent users from accessing imposter Web sites that try to fool users by using rogue CAs. <more>

Preventing Users from Using the Remember password Feature. Learn how you can prevent users from using the Remember password feature for Web applications and shared folders. <more>

Viewing the Security Settings on a Computer. The GPMC Group Policy Results feature lets you obtain a report of all the effective Group Policy settings (including security settings) from a system. <more>

Limiting Users' Ability to Add a Workstation to the Domain. Disable Add workstation to the domain right in the Default Domain Controller Policy GPO, and make sure the Create Computer permission isn't granted to a broad user group. <more>

Logging Domain Policy Changes. In Windows 2000 SP3 and later, event ID 643 once again logs domain policy changes, as it did in Windows NT. <more>

Configuring Intranet Access Without Giving Internet Access. You can use security policies to allow intranet access while preventing Internet access. <more>

Granting Administrator Rights Remotely. Use Group Policy along with other techniques to grant a domain user administrator rights on a workstation without going to the workstation and manually adding the user to the local Administrators group. <more>

Preventing Users from Disabling a Screen Saver. Use an AD or local computer GPO to hide the Screen Saver tab from users.<more>

Controlling Group Policy, Part 1. Get a grip on Group Policy Objects and Group Policy application maneuvers in Win2K. <more>

Controlling Group Policy, Part 2. Find out how processing options let you control how Win2K applies Group Policy. <more>

Importing Security Settings into a GPO. To transfer security settings from one GPO to another, export the first GPO's settings to a security template, then import them into the second GPO. <more>

Setting Policies for Users Who Travel. A user's computer can remain disconnected from your network indefinitely, and the policies that were in effect the last time the computer successfully refreshed group policy will remain in effect. <more>

Requiring a Password When Resuming from Hibernation or Stand by Mode. If users disable the password dialog box that's typically required to resume from hibernation or Stand by mode, they put your network at risk. Here's how you can prevent the problem. <more>

Protecting Your Network Using NAQC. Do your users need to access your network from insecure computers that might lack up-to-date anti-malware? Here's one way to protect your network from such computers. <more>

Using NAP to Control LAN Access. NAP lets you enforce system health policies on computers before allowing them to access your network. <more>

Get this valuable commentary each month as soon as Microsoft releases security updates!

Free log parser scripts, a clear explanation of Microsoft's latest security bulletin, helpful security tips, how-to's and more.

Email address:
 

Newsletter archive
Your e-mail address will be held strictly confidential and you can unsubscribe at any time.


Additional Links

A
D
V

Sick of LimitLogin? Get UserLock for real logon control

NEW! GFI EventsManager 8 Extends Event Management Capabilities. Find Out More.

Get Randy's Security Log Resource Kit


Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2007 Monterey Technology Group, All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.

Site Map