New Group Policy Settings in Windows 10 (RTM Release)

I blogged last October about the new Group Policy settings in the first preview version of Windows 10. There was not too much to write about and I thought now that the RTM bits are here it might be fair to take a look at it again. Things are looking much better now, but I must say that I was hoping to find a bit more on the GPO side of the mighty Windows 10. For example, there’s only a handful of settings related to configuring or hardening Microsoft Edge. I have to believe that there’s more to come in the future.

Anyways, you can get the all new ADMX templates here Microsoft also released a spreadsheet of the settings, which you can get here: Go get them! Continue reading

KRBTGT Account Password Reset Scripts available for download

KerberosThis is something worth mentioning. In the times of Pass-the-Hash credential theft, Golden Tickets and mitigating the risks around Kerberos authentication, Microsoft has released a very helpful script to automate things. The script resets the password of the krbtgt account. This in effect invalidates and reduces the lifetime of issued Kerberos tickets. This, in turn, mitigates the risks involved in a situation where a ticket is possibly compromised. This doesn’t prevent the attacker from gaining access to your domain again, so this is by no means any sort of all-in-one solution.

I tried this in my enterprise scale lab (2 DC’s, 5 servers, 3 clients :)) with no problems. Very helpful and a great chance to learn something. Go on, try it out. But be aware, in a production environment, make sure you know what you are doing. Otherwise, you might end up bringing your entire domain to its knees. There’s a Word document describing the usage, so make sure to read that. There’s also no harm in taking a peek in the actual script as it seems to have no rocket science in it.

Get the goods in the blog post by Tim Rains in the Cyber Trust Blog.

MDOP 2014 R2 is finally here

The Microsoft Desktop Optimization Pack 2014 R2 is finally here! It appeared on MSDN downloads already last week, but once you tried to download the image the download failed. I guess the official release date was today. The release includes updates and improvements for APP-V (5.0 SP3) and UE-V (2.1). Personally I’m mostly interested in UE-V since the 2.0 release had some bugs specifically on Windows 7. Hopefully they’re fixed this time around. I’ll probably get back to this once I dig a little bit deeper.

Meanwhile, the official release info can be found here.

Finally, a New Version of Remote Desktop Connection Manager (RDCMan version 2.7)

Howdy, folks! It’s been a while since my last post. It’s been pretty hectic at work and I was on a family vacation for a few weeks staring at the sun and listening to the waves. :)

The one tool that we all use is the Microsoft Remote Desktop Connection Manager. The last version (2.2) was released back in 2010 and it has been quiet since then. I actually saw MS employees using a newer version of it in their presentations at TechEd North America. Surprisingly, there’s a new version out now. Hopefully it has full support for the newer OS versions and we don’t have to see those annoying errors connecting to servers when nothing else helps but to close and restart it.

Remote Desktop Connection Manager 2.7

Anyways, go get it here. Details of new features and fixes can be found in the 250 Hello Blog.

New Group Policy Settings in Windows 10 and Windows Server 10 (aka Windows Next)

As a fan of Group Policies I took a peak under the hood of the new Windows 10 and Windows Server 10. Hoping there’d be loads of new settings I searched through the PolicyDefinitions folder found in Windows folder of the system volume. To my disappointment I only found one. :( Continue reading

Remote Server Administration Tools (RSAT) for Windows 10 Technical Preview

I too have joined the Windows Insider Program to try out and play with the future version of the Windows operating system. It’s going to be an interesting year ahead of us if it’s really going to be like they say; new features and stuff almost weekly from now on! I’m mostly interested on the server side of things and to my surprise the preview versions of Windows Server and System Center (minus ConfigMgr) came out too!

windows10_logo Continue reading

MS14-045 (KB2993651) Fixed and Re-released

Sadly Microsoft has been providing faulty updates this past year. Even I blogged about one a while back. This month, the crappy update was MS14-045, KB2993651. As the web piled up with reports of Blue Screens of Death and other problems, after a few days MS pulled the faulting update from the Windows Update Catalog and recommended uninstalling it even from successful deployments. Good for those who hadn’t installed it yet, bad for those who’d already approved it for install in WSUS or other deployment solutions. Blue screens caused my monthly updates are not what you want for your machines. Continue reading

Clouds in the IT Pro sky…or is there a Silver Lining?

It’s been almost two months since Microsoft TechEd North America 2014 in Houston, Texas. This post has been somewhat difficult to write and I’ve had to allow myself some time to ponder and let the information and stuff really sink in. Here are some of my post-TechEd thoughts around the new “Cloud Era” we’re about to enter. If nothing else, Microsoft’s attitude and selection of content at the conference made me think and realize how serious MS really is about Azure and the future of the business.SilverLining

Continue reading

Security Update for Windows Server 2012 R2 (KB2920189) – Install Fails with Error Code 0x800F0922

A faulting security update was released on Patch Tuesday this month (May 13th). I wonder how this has been able to fly under the radar through testing? As the following support article states, you receive Error Code 0x800f0922 when you try to install this security update. Continue reading