List all Group Policy Extensions Registered

I use this script to see all GP extensions that my computer can process:

ls 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions' | select `
    @{name='Guid';expression={[guid]$_.pschildname}}
    @{name='Name';expression={$_.GetValue('')}}
    @{name='DllName';expression={$_.GetValue('DllName')}}
    @{name='ProcessWhenNoChanges';expression={!$_.GetValue('NoGPOListChanges')}}
    @{name='IsUserPolicy';expression ...
more ...

Putting your Windows to sleep

Although there are many blog posts about configuring standby ("sleep") in Windows, each one with its own insomnia joke, I thought I'd share my methodology .

PowerCfg -energy:  The one tool to sort it all

I only learnt about this command near the end of my testing, but it still ...

more ...

Preventing Users from Adding Computers to a Domain

Some time ago, we've come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accounts, we saw that new computer accounts are still being added to the "Computers" container, and we had no idea which computer was behind ...

more ...

Group Policy Security Filtering and Loopback

I recently discovered that when applying a GP object using loopback and user security filtering (allowing only specific users to apply the GP), the computer still needs read access to the GP.

Otherwise, the GP will show up as not applied due to it being "inaccessible":

My guess is that ...

more ...

Opening Group Policy Management Editor from the Command Line

Yesterday I wanted to open the Group Policy editor (or "Group Policy Management Editor") for a specific GP object through PowerShell, but there is no "Edit-GPO" cmdlet. I quickly checked from the task manager how the GPMC opens the editor, and made my own:

function Edit-GPO([guid]$guid){
$domain = Get-ADDomain ...
more ...

Windows Event Collection

I've recently implemented an enterprise-wide solution of event collection in our organization, using Windows' built-in mechanism called the Windows Event Collector.
This mechanism allows you to collect events from computers running Windows NT5+ (XP/Server 2003 and greater) into Windows NT6+ (Vista/Server 2008 and greater) machines. The only ...

more ...

Solving and preventing "Topology Discovery failed, error 0x80040a02"

Recently our Exchange 2003 environment broke down when we demoted our last ancient DCs. We panicked and re-promoted them, but no avail. The Exchange servers won't finish loading (they'd get stuck on "Applying computer settings", while actually waiting for the Microsoft Exchange System Attendant service to finish starting ...

more ...

Showing "Mail" icon in control panel through Group Policy

I recently had to lock down a Windows 2008R2 remote desktop server (terminal server)
One of the requirements was to show only some control panel items, a setting that can be achieved using the Group Policy setting "Show only specified Control Panel items" (under Policies > Administrative Templates > Control Panel), but ...

more ...

Setting Dynamic RPC Port Ranges

We recently had to manually set the dynamic RPC port range in our servers, mainly because Exchange 2010 sets the port range so wide that the firewall guys (rightfully) refused to create a rule with that range.

Warning - at your own risk!

When I found out about those settings, I ...

more ...