Properly secure and document group policies

GPOBACKUP Properly secure and document group policies 1

It’s been some time since I started working on the first basic version of the script in August 2014, and posted about it on CONET’s blog. This first version came to just 6 lines of code without the header. Since then a lot has happened and the script has grown in the TechNet Gallery. Time for a new article about the script and its function.

Read more

Windows WinRM over HTTPs

A screenshot of a cell phone

Windows Remote Management is no longer a way to think in today’s world. But why do we do it unencrypted? Normally the authentication is done by Kerberos. That’s secure enough for most people. However, Kerberos also has limitations, for example when using local accounts.

In the standard system, communication is via HTTP via TCP port 5985. Why not HTTPS? This is possible, the port TCP 5986 is intended for this. Unfortunately, this is not only missing in the firewall rule templates but also has a few barriers still in the way. We take care of these barriers today.

Read more

The Microsoft Cloud and Data Protection

051219 0959 DieMicrosof2 The Microsoft Cloud and Data Protection 4

Since the GDPR / DSVGO introduction, the topic of data protection, privacy and compliance is still a topic with which many lawyers still earn money. The problem, in my opinion, the technical reality distance with that the whole was designed. Not to be kept silent of the fact that the exceptions to the law were not delivered equally. But all this does not help us, we have to follow it. But I would not like to hold up you too much with my personal opinion to the GDPR. We look at ourselves what Microsoft offers us at tools.

Read more

Ignite day 2 – Modern Management recap

Computergenerierter Alternativtext: Microsoft Intune Configuration Manager Other Endpoint Management Tools Integrated solution for IT admins to understand and take action across all endpoints in their estate Microsoft Endpoint Manager Status and alerts

Today was day 2 of the Microsoft Ignite in Orlando. Today I was in the focus in sessions about modern management on the move. That means, for example, Microsoft Intune, but especially the newly announced function of the “Microsoft Endpoint Manager”.

Read more

New version of get-GPOBackup

Neue Version von get-GPObackup

It has once again reached me a feature desire, and here is the implementation. With version 1.58 the group policy templates can be saved from the central store. This is especially good when importing new templates that may be buggy. This even happens to Microsoft with the German translations for Windows 10 times quite often. If you don’t know the script yet, I recommend having a look at the article: “Gruppenrichtlinien richtig sichern und dokumentieren“.

Read more

Choosing the correct Windows 10 Edition

Win10WordCloud Choosing the correct Windows 10 Edition 10

Choosing the right edition of Windows 10 can sometimes be harder than you think for companies. For most companies, the cost versus functionality is a consideration. But which versions are there? More than one actually thinks:

Read more

Unattended installation of software

A screenshot of a cell phone

Unattended software installation is standard in many environments. But how does it work? With an MSI it’s easy, but not everything is available as an MSI package. But many applications bring their own methods. Since I often need this, here is a small collection for the more important programs.

Read more