Active Directory group policies, also called Group Policy Object (GPO), are one of my core topics. I have a lot to do with this in various projects and as a Microsoft trainer. As a result, I have accumulated a number of templates and links. This link collection should make your search a little easier. Only templates of the respective manufacturers or projects are listed here. I have deliberately avoided third-party guidelines.
Changes in the life cycle of Microsoft products due to Corona / COVID-19.
Microsoft is extending the current lifecycle for some products to relieve the burden on IT departments. I took this opportunity to update the LifeCycle Diagrams from the articles “Microsoft Lifecycle Diagrams” and “Other Lifecycle Diagrams” from last year.
This time I translated them directly into English.
Since I’m very busy with deployment and rollouts, I thought I’d write a few basic articles that I could refer to. This sometimes saves you some time in workshops for the more interesting things or gives administrators incentives to automate things.
Soon it is time, for Windows 7 the extended support ends on 14.01.2020. As with every end of operating system support the end comes “completely surprising”, okay, not really. At the beginning everything looks so far in the future, it is still x years time. But in the end, the problems appear.
I already saw this at the “surprising” end of XP. But there are also cases where migration is not so easy. Special problem areas can be interfaces to special Hardware. For instance, measuring workstations or production control systems. If a measuring instrument with current Windows 10 support directly costs a few tens of thousands of Euros, then you consider the investment.
Behind the feature “Automatic Virtual Machine Activation” is a function in Microsoft Windows Server 2012R2 Datacenter, Microsoft Windows Server 2016 Datacenter and Microsoft Windows Server 2019 Datacenter for Hyper-V, but it works only with the Datacenter Edition activated. With this feature, all supported Windows Server operating systems since Microsoft Windows Server 2012R2 can be automatically activated by the Hyper-V host. But only up to the own version, which means that a Windows Server 2012 R2 Datacenter Hyper-V cannot activate Windows Server 2016. The limitation of this feature to the Datacenter Edition is due to the unlimited Virtual Windows Server Guests covered by the Datacenter License. The advantage is that it is now easier to assign the license to the corresponding datacenter license during a software audit on the AVMA license key.
In the past, a company-specific standard was usually always used for local administrator passwords. But what do you do if an employee who knows the default password leaves the company?
Right, it should be changed. In the past, Group Policies (GPO) were often used for this, even if the password was in clear text in SysVol. This was fortunately stopped by Microsoft. What other solutions are available? In practice I have seen VBS or PowerShell scripts, the good ones have random passwords, the bad ones only a standard.
But isn’t there a well designed solution from Microsoft? Yes, there is, Local Administrator Password Solution (LAPS).