AppLocker will block applications from running based on the descriptor. You can block programs by publisher, path, version, file name, publisher description or even hash. This feature is only available in Windows 7 and Microsoft Windows Server 2008 R2. While it can be used on an Active Directory domain, I use local Group Policy. You [...]
Hash rules are rules created in Group Policy that analyze software. They consider the “footprint” of software to recognize it. This means that if the program is renamed, it will still be recognized. Renaming the software is an old trick used by people who write viruses. These hash rules in Group Policy can be used [...]
This tutorial shows how to block USB drives by local Group Policy. This GPO setting was first available on Windows Vista. I perform this on Windows 7. Group Policy objects are only available to the Professional and Ultimate versions of Windows 7. These flash drives, also called thumb drives, pose a security threat to many [...]
Introduced with Windows Server 2008, Windows System Resource Monitor (WSRM) is a tool used to allocate system resources. It is not installed by default and must be enabled through Features in Server Manager. WSRM shows how much of the system resources an application uses on a regular basis. When running in this application mode, [...]
Active Directory Domain and Trusts: Manages trusts, domain and forest functional levels, and user principal name suffixes. It is located in Administrative Tools from either the Control Panel or the Start menu. Active Directory Schema Snap-in: This tool will not appear unless it is enabled with the command “regsvr32.exe schmmgmt.dll”. Then it is only available [...]
When a computer is in a workgroup, it manages its own authentication and security. When it joins a domain, it establishes a trust with the domain controller. This allows users to be authenticated to either its own security accounts manager (SAM) database and its own local identity store or it confirms authentication with authentication services [...]
The Active Directory Migration Tool migrates objects between a source and a target domain, whether they are domains in the same forest or in different forests. It is available from the command line with the command admt.exe. The command-line version can be used with text files to automate the process. It can be used to move [...]
As Microsoft Windows Server has progressed over the years, additional functionality has been incorporated into its domain controllers. The level at which a forest operates is its functional level. This means that if a Microsoft Windows Server 2008 is at a Server 2000 native functional level, it can only utilize the features that were available [...]
As Microsoft Windows Server has progressed over the years, additional functionality has been incorporated into its domain controllers. The level at which a domain operates is its functional level. This means that if a Microsoft Windows Server 2008 is at a 2000 Server native functional level, it can only utilize the features that were available [...]
The Directory Service Diagnosis Tool, dcdiag.exe, performs a number of functions. It runs tests and reports on replication and security for Active Directory Domain Services. The command without any switches performs a simple test. There are switches that can be used to perform more complex tests. The output of the command may appear in [...]
The Replication Diagnostics Tool (Repadmin.exe) is a command-line tool used to check replication between domain controllers. Repadmin.exe produces output that may be used to examine a possible problem with replication in the forest. Repadmin.exe indicates when a problem change has been made to Active Directory. It can be as specific to report on [...]
The intersite topology generator (ISTG), a component of the Knowledge Consistency Checker (KCC), will assume that all domain controllers in a site have a reliable and equal connection. It does not take into account the physical topology of a network. This means that if you have offices separated by great distances and slow network connections, [...]