Configure RPC packet level privacy setting for incoming connections not show in group policy
Hi, it's about the group policy setting in windows server 2022, I have downloaded Windows Server 2022 Security Baseline.zip from https://www.microsoft.com/en-us/download/details.aspx?id=55319 Microsoft Security Compliance Toolkit 1.0 and imported SecGuide.adml and SecGuide.admx. I can see the MS Security Guide folder in local group policy editor, but there is no setting for "Configure RPC packet level privacy setting for incoming connections", I also try to find from All Settings, there is no such setting. Could you advice how to config it to let it show in the group policy editor or GPO. Thanks.
Tamper Protection managed by administrator and OFF - cannot be enabled manually when joined on-prem
Hi all, We are currently only managing Microsoft Defender ATP via Group Policy and there is no GPO for tamper protection. But we cannot enable it manually either-. "This setting is managed by your administrator" and set tamper protection to OFF. When deploying a new Windows 10 I can enable it manually. When joining the computer to on-prem AD and GPO for Windows Defender ATP hits, temper protection is turned off and you cannot change it. Is this by design or is there a GPO setting interfering? Thanks!Login Script to Popup a Windows Form
Hi, I am trying to popup a form via a PowerShell login script (User Configuration) but the form is getting supressed even when using: $form.Topmost = $true Does anyone know a way via PowerShell I can force the form to popup? I'd like to avoid using the "Run logon scripts visible" setting since its not the only script running and the form will only display when certain criteria are met. I can't post my actual script but its a pretty generic form much like this: Add-Type -AssemblyName System.Windows.Forms Add-Type -AssemblyName System.Drawing $form = New-Object System.Windows.Forms.Form $form.Text = 'Data Entry Form' $form.Size = New-Object System.Drawing.Size(300,200) $form.StartPosition = 'CenterScreen' $okButton = New-Object System.Windows.Forms.Button $okButton.Location = New-Object System.Drawing.Point(75,120) $okButton.Size = New-Object System.Drawing.Size(75,23) $okButton.Text = 'OK' $okButton.DialogResult = [System.Windows.Forms.DialogResult]::OK $form.AcceptButton = $okButton $form.Controls.Add($okButton) $cancelButton = New-Object System.Windows.Forms.Button $cancelButton.Location = New-Object System.Drawing.Point(150,120) $cancelButton.Size = New-Object System.Drawing.Size(75,23) $cancelButton.Text = 'Cancel' $cancelButton.DialogResult = [System.Windows.Forms.DialogResult]::Cancel $form.CancelButton = $cancelButton $form.Controls.Add($cancelButton) $label = New-Object System.Windows.Forms.Label $label.Location = New-Object System.Drawing.Point(10,20) $label.Size = New-Object System.Drawing.Size(280,20) $label.Text = 'Please enter the information in the space below:' $form.Controls.Add($label) $textBox = New-Object System.Windows.Forms.TextBox $textBox.Location = New-Object System.Drawing.Point(10,40) $textBox.Size = New-Object System.Drawing.Size(260,20) $form.Controls.Add($textBox) $form.Topmost = $true $form.Add_Shown({$textBox.Select()}) $result = $form.ShowDialog() if ($result -eq [System.Windows.Forms.DialogResult]::OK) { $x = $textBox.Text $x } Any help would be appreciated. Thanks
Group Policy Objects - Drive Mapping with Passwords
Struggling to Map a Drive to an external source with a Username and Password through GPO. We are using SIMs as our MIS in school and use certain reporting features that require a mapped drive to the LAs Server, in legacy GPO you could map a drive with a username and password using the CPassword Attribute - but due to being a "known security risk" this was removed by Microsoft. Our users are restricted and have locked down profiles so dont have permission to map the drive themselves using the username and password and because of CPassword Attribute being removed from GPO we cannot map the drive? Any help in doing this through GPO?Excluding a user or machine from Domain Group Policy
Hi, I am trying to exclude a machine/user from applying domain group policy for screen lock. However none of the solution I found on google worked for me. I created a new GPO and linked it to the Active Directory Group (user is a member) and linked the GPO to the group. and desired OU. In the Policy delegation tab under Advanced setting added the user and set permission Deny : Allow the policy. That too didn't work. Tried the same with the computer account too, still no luck.Hybrid Azure Join
Hello everyone, we want to use the Hybrid Azure Join Now my question is, can we use Cloud GPO's (CSP/ADMX) AND On Prem GPO's? So for example, can I roll out printers via local GPO and software, onedrive settings via Intune from the cloud? Unfortunately I can't find any information here, if Google is not my friend today Best Regards, Phil
