Keeping your company secure using Group Policy

In this TechEd session I presented at TechEd New Zealand 2014 I covered some of the changes with Group Policy preferences recently as well as some of the new Group Policy improvements you can do to protect yourself against Pass the Hash attacks. Unfortunately at the end one of my Demo’s did not work however I actually did get …

Continue reading ‘Keeping your company secure using Group Policy’ »

How to remove cPassword values from Active Directory

With the recent MS14-025 security patch Microsoft has removed the ability to configure passwords in Group Policy Preferences via the User Interface. However this update does not remove the password value from AD nor does it stop the value being applied to computers/users. So, if you have apply MS14-025 and you have also implemented another …

Continue reading ‘How to remove cPassword values from Active Directory’ »

Group Policy Preferences Password Behaviour Change – MS14-025

A number of month ago I did a blog post explaining why the use of passwords (a.k.a. cPasswords)  in  Group Policy Preferences was such a bad idea ( see Why Passwords in Group Policy Preference are VERY BAD). Well Microsoft have now taken the additional steps and now release a new hot fix for Group …

Continue reading ‘Group Policy Preferences Password Behaviour Change – MS14-025’ »

Why Passwords in Group Policy Preference are VERY BAD

A long time ago did a blog post explaining how to use the Group Policy Preferences Local Users setting to manager the password of the local accounts. This post explained how to do it  in a way that minimised the exposure of the password in Active Directory (see  How to use Group Policy Preferences to …

Continue reading ‘Why Passwords in Group Policy Preference are VERY BAD’ »

Internet Explorer 11 Group Policy Preferences

With the release of Internet Explorer 11 from Microsoft for Windows 7 I have seen a number of question asking where are the Group Policy Preferences are for this new version of the browser? The good news is that the current Internet Explorer 10 Group Policy Preferences officially supported see http://support.microsoft.com/kb/2898604 . This works as …

Continue reading ‘Internet Explorer 11 Group Policy Preferences’ »