How to prevent the creation of GPOs from outside AGPM (Advanced Group Policy Management)

During my interactions with Premier Microsoft customers I have found out that the main reason for not using AGPM (Advanced Group Policy Management) in order to enforce change control procedures on Group Policy management is the lack of information on how to prevent GPOs from being created or edited outside of AGPM.Basically their experience tells…

3

Fine Grained Password Policies GUI in Windows Server 2012 ADAC

Hello my name is Paulo Viralhadas and I’m a Premier Field Engineer at Microsoft. Have you ever used Fine Grained Password Policies? This feature introduced in Windows Server 2008 allows you to override password policy set at the domain level. It applies password settings to subsets of users that you may like to differentiate from…

2

AD recycle bin feature and Windows Server 2012 GUI

Hello my name is Paulo Viralhadas and I’m a Premier Field Engineer at Microsoft.   The AD recycle bin feature has been released on Windows Server 2008 R2 without a graphical user interface, which made it’s deployment and usability (I mean recovering deleted objects from AD) somewhat difficult for system admins. In this post I…

1

How to clone a virtual Domain Controller

Hello my name is Paulo Viralhadas and I'm a Premier Field Engineer at Microsoft. On one of my previous posts I wrote about vDC cloning which is my preferred feature in Windows Server 2012 "http://blogs.technet.com/b/reference_point/archive/2012/12/11/so-you-wanted-to-deploy-domain-controllers-faster-now-you-can.aspx". VDC cloning gives you the ability to scale up your production forest and to recover from disasters faster, or simply to…

3