MDM & GP Tips Blog

Derek Melber has a new GP book by Microsoft Press. I'm holding my copy in my hand, and it's a great book for anyone looking to get more rounded on Group Policy. It's a short read, about 500 pages, and has some good information on 3rd party tools and solutions. (Which I'm a big fan of.) Derek's book also cracks open ADMX files (if you're into that kind of thing) as well as details sample output of many of the Group Policy GPMC scripts (available online at Microsoft.com.) So check it out. It's part of the larger Microsoft Server 2008 Resource kit. You can learn more about his book here. Congrats Derek !

This blog entry is two tips in one. Click to find out why. Inside you'll learn about the RSAT tools and also where the GPPEs can be downloaded using Microsoft Update.

Remember the ADMINPAK? It's not available on Vista, but the all-new released-today RSAT tools are. RSAT stands for "Remote Server Administration Tools." It contains the GPMC, ADUC, and all the greatest hits.

Download the Vista + SP1 + x86 version here: ttp://tinyurl.com/3xs2o6

Download the Vista + SP1 + x64 version here: http://tinyurl.com/337gfj

PS: I'm seeing the links going up and down all day today. It's weird.

In other news, the GPPEs are available as "Optional Software updates" using Microsoft Update as seen here. Thanks to Scott Bailey for this tip !

One of the hardest jobs is figuring out which users need Admin rights, because our stinkin' applications require admin rights. Well, that's the business of BeyondTrust. And today, they came out with a (free) tool to help you determine which applications require what admin rights to run. Sure, the idea is that you'll have an "A-ha" moment and realize that their (pay) tool (which is quite good) is the best way to keep the user's rights LOW, but elevate the rights of the application. To check out the free auditor tool they came out with today, head on over here.

New newsletter to user in their announcment coming soon. But, if you want to start playing with them TODAY...here's where to find them (thanks to my pal Jakob Heidelberg for making it easy for me to get.) The "real" links are, gah, all over the place.

GPP CSEs for Windows Vista (KB943729)
GPP CSEs for Windows Vista x64 Edition (KB943729)
GPP CSEs for Windows Server 2003 (KB943729)
GPP CSEs for Windows Server 2003 x64 Edition (KB943729)
GPP CSEs for Windows XP (KB943729)
GPP CSEs for Windows XP x64 Edition (KB943729)

If you want a quick tutorial in them, I suggest getting Chapter 10 of my new book (which is available for immediate download.) Click the "About the book" section and follow along until you get Chapter 10. Thanks!

Check it out ! It's here. Fully updated for all the new WS08 policy settings.

Microsoft Office 2003's SP3 has an interesting twist. They're silently changing which file types are valid. In short, old and crusty files your users have been able to open for years, suddenly... aren't.

Good article. A recommended read with interesting .REG files to re-enable functionality.

http://tinyurl.com/325r4q

So the other day I posted about a Softgrid to MSI repackaging tool. Great! Except it doesn't work with the existing Softgrid client. (Boo.) But the new client is now out! (Yay!)

http://support.microsoft.com/kb/941408

Why they didn't come out at the same time is a bit of a mystery. But.. That's the breaks sometimes. Anyway.. Enjoy Softgrid geeks ! (PS: I'm one of you!)

So, I can confess it. I love Microsoft Softgrid. I really do. For the uninitiated, Softgrid (newly renamed Microsoft Application Virtualization) can take an application and "stream" it from a server to your desktop. Keen-o-rific. This means you're not actually INSTALLING anything; but rather, just running it streamed. Except there was no way to "deploy" that application using GP. Until now. Enter in the Softgrid MSI "wrapper" utility (found here.)

The idea is simple: if you can wrap an existing Softgrid package into an MSI, then you can use GP (or SMS, or Landesk or anything) to maintain your deployment practices.

I haven't had a chance to try this out yet.. So, if you do, and you're a Softgrid + GP head, then shoot me an email and let me know how it went! Thanks !

PS: Thanks to GPanswers.com Shortstop Eric Johnson for bringing to my attention that this tool was FINALLY available.

So, Vista SP1 and XP SP3 will both be required downloaded using Windows update. What? Don't like the way that sounds? Then use these ADM templates. But the "breaks" don't last forever. If I'm reading it right, the updates will eventually be forced down 12 months after the service packs are released.