In this tutorial, I will explain how to copy / duplicate / clone a Group Policy (GPO). To do this, you have two solutions, either go through the GUI and the Group Policy Management console or use PowerShell. I’ll show you both, then it’s up to you to choose which one is right for you. …
In this tutorial, I’ll explain why and how to update Group Policy Definitions (GPOs) in an Active Directory environment. Before explaining how to do this, we will see why to update the files, for understanding I will start from an example. You are in an Active Directory environment which is composed of 2 Windows Server …
In this tutorial, we will see how to restore GPO Default Domain Policy / Default Domain Controller Policy to default. On domain controllers, a DCGPOFIX command line tool is available to restore the 2 default policies. Before proceeding with the restoration of the policies, I advise you to make a backup of this one before. …
In this “How” tutorial, I will explain how to create a central store to centralize the group policy definition files (ADMX / ADML).The central store allows file replication using the SYSVOL directory of domain controllers and therefore having the same configuration on all the controllers.
Presentation In this tutorial, we will see how to configure AppLocker in an Active Directory environment using group policies. AppLocker is a Windows feature that is similar to a firewall at the application level. AppLocker allows you to control the applications running on computers. AppLocker is able to act on: Executables (.exe). Windows Installer (msi, …
Read moreAppLocker : configuration in an Active Directory environment
Presentation In this tutorial, we will see how to store the Bitlocker recovery password in the Active Directrory. The recovery password is requested when the user forgets his pin code or when he wishes to access the hard disk on another computer when the TPM module has been used. Viewing passwords is done using the …
Read moreBitlocker : store recovery password in Active Directory
Presentation In this tutorial, we will see how to activate automatic session locking after a period of inactivity. This group policy increases the level of security, because many users do not lock their session when they leave their workstation. The parameters that we will configure apply to Users. Activate automatic session lock From a domain …
Presentation of the central store The central store makes it possible to share and synchronize all of the Group Policy Definition (ADMX) files on all of the domain controllers by relying on the SYSVOL folder. By default the ADMX files are in the C:\Windows\PolicyDefinitions folder which is specific to each domain controller. It is also …
Presentation In this tutorial, we will see how to set up a GPO that will execute a logon script. Logon scripts are usually in batch or vbs format, it is also possible to run PowerShell scripts. The use of script in PowerShell requires to authorize the use of remote script (set-executionpolicy), it is also necessary …
Presentation The Work Folders feature allows you to set up a personal folder synchronized with a file server in HTTP (s) using a client available on Windows, Android and Apple. If web access is published on the Internet, this solution can synchronize files even from outside the company for mobile users. Work Folders are similar …