Windows 10 1607 Group Policy Spreadsheet

Micorosft has continued their rapid pace of releaseing new version of Windows 10 and has now released a the 1607 Anniversary update. As with any new major release of Windows there is of course an updated and new Group Policy settings. Therefore the Group Policy team have now released an update Group Policy setting spreadsheet that is an excellent reference to find all the new settings.

If you are not familiar with this spreadsheet(s) they are a reference sheet done by the Group Policy team taken from the ADMX files of each of the OS releases. This makes it very easy to find details about each GPO including what registry keys are set based on the policy setting.

In case you are not sure the “Windows10andWindowsServer2016PolicySettings.xlsx” is the version for 1607.

Settings

Security Compliance Manager 4.0 now available for download!

The Security Compliance Manager (SCM) is a free tool from Microsoft that enables you to quickly configure, and manage the computers in your environment using Group Policy and Microsoft System Center Configuration Manager. This version of SCM supports Windows 10, and Windows Server 2016.

You can easily configure computers running Windows 10 and Windows Server 2016 based on Microsoft Recommended Security Baselines and industry best practices.

You can download SCM 4.0 here.

Updates include:

  • Support for existing Windows 10 version 1507, and Windows 10 version 1511 security baselines
  • Support for upcoming Windows 10 version 1607, and Windows Server 2016
  • Bug fixes for ‘Compare’ and ‘Simple View’ features in SCM

The latest version of SCM offers all the same great features as before, plus bug fixes, and added support for upcoming baselines. SCM 4.0 provides a single location for creating, managing, analyzing, and customizing baselines to secure your environment quicker and more efficiently. In addition to the latest software releases, you can also configure previous additions of Windows client, Server, and Microsoft Office.

SCM provides DCM 2007 configuration packs that allow you to manage configuration drifts using Microsoft System Center Configuration Manager. Microsoft’s Operations Management Suite also supports monitoring for Security Baselines in your Server environments.

from Microsoft Solution Accelerators Security & Compliance http://ift.tt/2aASzxE
via IFTTT

The post Security Compliance Manager 4.0 now available for download! appeared first on Group Policy Central. by Alan Burchill

from Group Policy Center http://ift.tt/2aAPTAw
via IFTTT

Security Compliance Manager 4.0 now available for download!

The Security Compliance Manager (SCM) is a free tool from Microsoft that enables you to quickly configure, and manage the computers in your environment using Group Policy and Microsoft System Center Configuration Manager. This version of SCM supports Windows 10, and Windows Server 2016.

You can easily configure computers running Windows 10 and Windows Server 2016 based on Microsoft Recommended Security Baselines and industry best practices.

You can download SCM 4.0 here.

Updates include:

  • Support for existing Windows 10 version 1507, and Windows 10 version 1511 security baselines
  • Support for upcoming Windows 10 version 1607, and Windows Server 2016
  • Bug fixes for ‘Compare’ and ‘Simple View’ features in SCM

The latest version of SCM offers all the same great features as before, plus bug fixes, and added support for upcoming baselines. SCM 4.0 provides a single location for creating, managing, analyzing, and customizing baselines to secure your environment quicker and more efficiently. In addition to the latest software releases, you can also configure previous additions of Windows client, Server, and Microsoft Office.

SCM provides DCM 2007 configuration packs that allow you to manage configuration drifts using Microsoft System Center Configuration Manager. Microsoft’s Operations Management Suite also supports monitoring for Security Baselines in your Server environments.

from Microsoft Solution Accelerators Security & Compliance http://ift.tt/2aASzxE
via IFTTT

More Microsoft Guidance on MS16-072

So Microsoft PFE team have just released a blog called “Who broke my user GPO?” which is rather ironically title as the answer was “Microsoft did”. But anyhow, this new post has a detail description of the problem and what can be done to fix the issues and what to do if you have AGPM deployed in your environment..

It also points out that you need to added either “Authenticated Users” or “Domain Computers” Read permission to fix the problem. But if you have a multiple domain environment you are going to need to add “Domain Computers” multiple times for the GPO’s to work cross forest.

See the full article here https://blogs.technet.microsoft.com/askpfeplat/2016/07/05/who-broke-my-user-gpos/