Does Disabling User/Computer GPO Settings Make Processing Quicker?

Hi everyone! Graeme Bray with you again today to talk about an age old discussion point. Does Group Policy process quicker if you disable the User/Computer sections of a specific policy? We’re going to walk through my lab setup, grabbing the policies, comparing them, and then confirming that I actually did disable the policy section…. Read more

Tick Tock: Time to Dive Deep!

Looking at the Windows Time process and configuration there and back again As last we met, I am Tim Medina Sr PFE with Microsoft and we are coming to a conclusion of our three-part journey in time. First we took some time to look at the new features and aspects of Windows Time in Windows… Read more

Is Group Policy Slowing Me Down?

Hello all, Nathan Penn back again to cover one of the more frequently brought up topics: System bootup and user logon performance – Specifically “Is group policy slowing me down in my environment?” Luckily, if we know where to look we can get right to that answer quickly. To start, let clarify a couple of… Read more

CredSSP, RDP and Raven

Welcome to another edition of AskPFEPlat, this is Paul Bergson and Graeme Bray bringing up the topic of CredSSP when in use with the Remote Desktop Protocol. This topic became an internal discussion around Premier Field Engineering and customers like you as to how this would impact accessing systems via RDP starting in May. This… Read more

Delegate WMI Access to Domain Controllers

Hi everyone! Graeme Bray back with you today with a post around delegating WMI access to Domain Controllers. Continuing the tradition of security themed posts that we’ve had recently on AskPFEPlat, I thought I’d throw this one together for you. This post originally came about after several customers asked how to remove users accounts from… Read more

10 Tips and Tricks from the Field

Hello All. The AskPFEPlat team is here today with you in force. Recently we put together 10 Tips and Tricks from the Field – a collection of tips and tricks in our tool belt that we use on occasion. We wanted share these with all our readers in-an-effort to make your day a little easier…. Read more

PKI Basics: How to Manage the Certificate Store

Hello all! Nathan Penn and Jason McClure here to cover some PKI basics, techniques to effectively manage certificate stores, and also provide a script we developed to deal with common certificate store issue we have encountered in several enterprise environments (certificate truncation due to too many installed certificate authorities). PKI Basics To get started we… Read more

Schannel Follow-up

Hello all! Nathan Penn back again with a follow-up to Demystifying Schannel. While finishing up the original post, I realized that having a simpler method to disable the various components of Schannel might be warranted. If you remember that article, I detailed that defining a custom cipher suite list that the system can use can… Read more

AskPFEPlat Happy New Year Invitation!

HAPPY NEW YEAR everyone, and welcome to 2018! This is Brandon Wilson (Platforms and Active Directory PFE), and with the introduction of the New Year, I wanted to take some time to thank all our outstanding readers we’ve had over the years. And, now that the celebrations are (mostly) over, I wanted to pick all… Read more

Using WMI to Verify Group Policy

Scenario: My name is Benjamin Morgan and I’m a Platforms PFE. Recently I was working with a customer on a Windows 10 upgrade project and they posed an interesting requirement. They needed to be able to verify that their required group policies were being applied and they needed to be able to run a report… Read more