You are here: Windows OS HubGroup Policies

Archive for the 'Group Policies' Category

Defending Windows Domain Against Mimikatz Attacks

Posted on December 7th, 2017 · Posted in Group Policies, Security
mimikatz: ERROR kuhl_m_privilege_simple ; RtlAdjustPrivilege (20) c0000061

The IT community remembered late June, 2017, due to massive infection of many largest companies and government institutions in Ukraine, Russia, Germany, France and some other countries with a new ransomware Petya (NotPetya). In most cases, after its penetration into a corporate network Petya quickly spread to all computers and.. read more

How to Disable NetBIOS Over TCP/IP and LLMNR Using GPO

Posted on December 4th, 2017 · Posted in Group Policies, Security
disable netbios using powershell script on gpo

Using obsolete protocols without explicit need may become a potential security flaw in any computer network. In this context, the recent buzz over WCry ransomware is showcase, and the easiest way to protect against it was to stop using the obsolete SMBv1 protocol by completely disabling it. Broadband protocols, like.. read more

How to Configure a Slideshow Screensaver Using GPO

Posted on August 22nd, 2017 · Posted in Group Policies, Windows 10
win10 configure Photos screensaver

My management decided to set the same slideshow screensaver on all PCs in the company. The images of the slideshow should have corporate design and provide general rules of information security, useful tips or some other reference information. First of all, they considered the development of their own screensaver in.. read more

Prevent Changing IE Proxy Settings Using GPO

Posted on July 27th, 2017 · Posted in Group Policies
lockdown proxy dialog box

In this post, I’ll show you an easy way to prevent users without administrator privileges from changing the proxy server settings by blocking corresponding elements Internet Explorer dialog window using GPO.

Troubleshoot Slow GPO Processing and Login Speed Impact

Posted on May 22nd, 2017 · Posted in Group Policies
gpresult html report

Quite often, domain users complain about slow computer startup and login time caused by long processing of Group Policies (GPO). From the user’s point of view, the computer boots for a long time and it seems it hangs up for several minutes on the stage of “Applying computer/user settings“. In.. read more

Using WMI Filter to Apply Group Policy to IP Subnet

Posted on May 3rd, 2017 · Posted in Group Policies
wmi query Win32_IP4RouteTable

This time it was necessary to apply GPO to computers in the specific IP subnet. In the simplest case, when the subnet is a part of a separate Active Directory site (and this is the only subnet in the site) you can assign your GPO to the AD site. It.. read more

Managing Default File Associations in Windows 10

Posted on April 20th, 2017 · Posted in Group Policies, Windows 10
Dism.exe Export-DefaultAppAssociations to xml file

In Windows 8 and Windows 10 a new mechanism to manage default  file associations appeared. In this article I’ll show how to set a default browser to open HTML files, import these settings to the XML file and distribute this file containing file associations to other computers manually or using.. read more

Managing Start Layout and Taskbar Pinned Apps Using GPO

Posted on March 10th, 2017 · Posted in Group Policies, Windows 10
Windows 10 manage Start Layout via GPO

In Windows 10 RTM and Windows 8.1 were available only two modes to configure Start menu and Start Layout settings on a domain computers: you could either completely block any changes of Start Layout elements, or a user could change any layout settings. In  Windows 10 build 1511, a feature.. read more

How to Block Viruses and Ransomware Using Software Restriction Policies

Posted on January 12th, 2017 · Posted in Group Policies
list of srp rules

We go on with the series of articles on counterstrategies to the viruses and encryption malware (Ransomware, CryptoLocker , etc.) in the corporate environment. Earlier we considered how to configure Windows file server protection using FSRM and restoring encrypted files from VSS snapshots after infection. Today we’ll talk about how.. read more

Recovering Encrypted Files from VSS Snapshot after Ransomware Infection

Posted on November 22nd, 2016 · Posted in Group Policies, Windows 10, Windows 7
mount shadow copy using vshadow.exe

We go on with the series of articles concerning the countermeasures against ransomware. Last time we considered a simple way of protection against encryption ransomware.on Windows file servers using FSRM. Today we’ll talk about how to easily recover your files if the ransomware has already penetrated on the computer and.. read more