Active Directory group policies, also called Group Policy Object (GPO), are one of my core topics. I have a lot to do with this in various projects and as a Microsoft trainer. As a result, I have accumulated a number of templates and links. This link collection should make your search a little easier. Only templates of the respective manufacturers or projects are listed here. I have deliberately avoided third-party guidelines.
The KMS Client serial numbers help you only if you have a KMS Server or use Active Directory based activation. Read more about KMS in our article KMS Overview. This may not yet be translated.
Update: Now with Windows 10, Windows Server 2016, Office 2016
Update 2: Now with Windows 10 LTSB 2019, Windows Server 2019, Windows Server SAC, Office 2019
Update 3: Now with Windows Server 2022
Behind the feature “Automatic Virtual Machine Activation” is a function in Microsoft Windows Server 2012R2 Datacenter, Microsoft Windows Server 2016 Datacenter and Microsoft Windows Server 2019 Datacenter for Hyper-V, but it works only with the Datacenter Edition activated. With this feature, all supported Windows Server operating systems since Microsoft Windows Server 2012R2 can be automatically activated by the Hyper-V host. But only up to the own version, which means that a Windows Server 2012 R2 Datacenter Hyper-V cannot activate Windows Server 2016. The limitation of this feature to the Datacenter Edition is due to the unlimited Virtual Windows Server Guests covered by the Datacenter License. The advantage is that it is now easier to assign the license to the corresponding datacenter license during a software audit on the AVMA license key.
Changes in the life cycle of Microsoft products due to Corona / COVID-19.
Microsoft is extending the current lifecycle for some products to relieve the burden on IT departments. I took this opportunity to update the LifeCycle Diagrams from the articles “Microsoft Lifecycle Diagrams” and “Other Lifecycle Diagrams” from last year.
This time I translated them directly into English.
There are many ways to achieve a well-functioning Windows Server Update Services (WSUS) system. Unfortunately, not all of them lead to the final destination, many are rather stages on the way. One of these stages I would like to introduce to you here, solved with some PowerShell.
I recently had an interesting phenomenon in a rather extensive environment. With a newly installed WSUS Server based on Windows Server 2016, some clients encountered errors “0x8024400D”. The clients were previously connected to an old WSUS on Windows Server 2008R2. Strange, there everything worked…
The usual attempts to reset the WSUS client, for example, brought no improvement. So I asked Google.
In the past, a company-specific standard was usually always used for local administrator passwords. But what do you do if an employee who knows the default password leaves the company?
Right, it should be changed. In the past, Group Policies (GPO) were often used for this, even if the password was in clear text in SysVol. This was fortunately stopped by Microsoft. What other solutions are available? In practice I have seen VBS or PowerShell scripts, the good ones have random passwords, the bad ones only a standard.
But isn’t there a well designed solution from Microsoft? Yes, there is, Local Administrator Password Solution (LAPS).