Group Policy Patch MS16-072– “Breaks” GP Processing Behavior
One of Microsoft’s latest patches changes the security context of GPO processing for the user policies. This is a new ‘feature’ not a bug, its a new way of securing GPO processing.
You can read Microsoft’s KB on it from KB316622
sdmsoftware has a powershell script to automate the security change for you.
It would be nice if Microsoft gave more of a warning on this change. Instead the patch is released and it can cause GPO’s not to apply as expected because the new requirements for security.
Not what I wanted to be working on today. We will be patching this weekend.
More Stories
Quick PowerShell for the win
I'm always grabbing useful PowerShell commands or small scripts that I find useful. Here a couple from this week. I...
quick hit – Block personally owned devices in Intune with enrollment restrictions
https://twitter.com/SuneThomsenDK/status/1432759874014875651 Block personally owned devices in Intune with enrollment restrictions - OSDeploy | Sune Thomsen (osdsune.com)
Quick hit – Endpoint security and intune
endpoint and intune security features- tweet Endpoint & Security, The Curse of the Were-Applocker - Call4Cloud https://twitter.com/ooms_rudy/status/1432624423660621826
Blocking usb storage devices with intune
Moving from GPOs and SCCM to Intune and I've been searching for the best way to block usb storage devices...
Powershell reports for users with MFA setup in o365
Just a quick post about how to findout which users have setup MFA. Get-MsolUser -all | select DisplayName,UserPrincipalName,@{N="MFA Status"; E={...
Microsoft endpoint manager and windows updates
I'm working on getting our machines at work updated through Microsoft endpoint manager (intune) and reporting and slow updates have...