How to remove cPassword values from Active Directory

With the recent MS14-025 security patch Microsoft has removed the ability to configure passwords in Group Policy Preferences via the User Interface. However this update does not remove the password value from AD nor does it stop the value being applied to computers/users. So, if you have apply MS14-025 and you have also implemented another …

Continue reading ‘How to remove cPassword values from Active Directory’ »

Why Passwords in Group Policy Preference are VERY BAD

A long time ago did a blog post explaining how to use the Group Policy Preferences Local Users setting to manager the password of the local accounts. This post explained how to do it  in a way that minimised the exposure of the password in Active Directory (see  How to use Group Policy Preferences to …

Continue reading ‘Why Passwords in Group Policy Preference are VERY BAD’ »

Out Now: Security Compliance Manager v2.5 Beta

Microsoft has just released Security Compliance Manager v2.5 beta https://connect.microsoft.com/site715/program2682 along with a heap of new security baseline for you to use to compare against your environment. In case you are not familiar with SCM then it is a great product from Microsoft that consolidates all the best practice for their software with in-depth explanation …

Continue reading ‘Out Now: Security Compliance Manager v2.5 Beta’ »

Out Now: Microsoft Security Compliance Manager v2

Microsoft has made available the final version Microsoft Security Compliance Manager v2 available for download. In case you don’t already know SCM is a great security analysis tool for your Microsoft products that works great with Group Policy but also with SCCM Desired Configuration Management (DCM) and Security Content Automation Protocol (SCAP). If you want …

Continue reading ‘Out Now: Microsoft Security Compliance Manager v2’ »

Out Now: Microsoft Security Compliance Manager v2 CTP

If  you were waiting to get your hand on the CTP of Microsoft Security Compliance Manager v2 after I wet your appetite in my previous blog post.  I am happy to report that it is now avaialbe for download and the instructions to download i can be found at http://blogs.technet.com/b/secguide/archive/2011/03/10/scm-v2-ctp-available-to-download.aspx In case you did miss …

Continue reading ‘Out Now: Microsoft Security Compliance Manager v2 CTP’ »