Content
Disallow Simple Bitlocker Startup Pins
Is it possible to prevent users from changing their bitlocker pin to a simple or sequential pin? we are already setting the pin length but is there a way to prevent users from setting it to something like 1234567 or 1111111 for example? i just tried…


default browser is changed from Chrome to MSEdge
Hello, ProgID is changed from ChromeHTML to MSEdgeHTM after logoff and login under the below registry…


Error with fslogix.admx
ADMX file seems to have an error. I tested on two different DC in different AD. I used: FSLogix_Apps_2.9.8440.42104 and FSLogix_Apps_2.9.8228.50276 and they have errors. The older one is working fine - version FSLogix_Apps_2.9.7979.62170 Administrative…


Exchange Server 2016 Manage Audit and Security logs requirement poilicy
I'm trying to find some documentation on the requirement for Exchange Servers to have 'Manage Audit and Security Logs' rights on the DC. I know without that setting, you can't enable mailboxes and potentially other issues arise. Our Cyber management…


How do I block OPP and OBEX on Windows 10 without using Intune?
Hi, I have been searching the internet for a solution to this question but none come up. Very surprised by that. How can I block OPP and OBEX on Windows 10? I want to create a GPO to block the transfer of files via bluetooth. I have seen options for…


How to fix the ALTERNET CREDINTIAL REQUIRED to login problem in windows 10
I am not able to login remotley to one of device in our domain and it return the below messge any idea about this problem?


add normal user or users to local administrator group for certain time through GPO and PowerShell
Hi besides adding a normal user to the local administrator manually on his computer. how to add a normal user or users to the local administrator group on their computer for a certain time, where the user or users are automatically removed from the local…
After implementing KB5020276 March,16 I'm still not able to re-join the PC to the domain
Hello, I've proceeded step by step with all instructions regarding KB5020276: Install March,16 updates on all Domain Controller Install March,16 updates on the test workstation Set up new GPO setting as per documentation - settings taken by all DCs …


Modify current ADMX files to be applied through GPO.
Hello, I need to modify current ADMX file to be able to select certain properties that are not currently available in GPO settings. The file in question is "TerminalServer.admx" and the settings that I need to add are following: Configure…


Why do we get preview update 22H2 when GPO is set for Semi-Annual Channel?
Most PC's in our organization have been upgraded to Windows 10 22H2, however according to https://learn.microsoft.com/en-us/windows/release-health/release-information 21H1 is the latest released version. Why is that? How do we avoid getting preview…


Pin Policy for Smart Card Login in Windows 10
Is it possible for to set a pin policy for smart card login? We are using PIV cards (OpenFIPS201) in a Windows 10 A/D. The PIV standard specifies 6-8 digits, however we would like to enforce 8-digit PIN values via policy if possible. I have reviewed…


[Warning] cannot resolve the security principal referenced in the extension [Security] [S-1-5-82-3612265144-3607906190-2445842478-3319020065-934383497],
Hi, We i backup the Domain Group policy in domain controller ,this error happens,please help to check what does this mean? [Warning] cannot resolve the security principal referenced in the extension [Security]…


Windows Server 2022 WPA3 settings?
Hi, I'm trying to deploy WPA3 enterprise settings with group policy using Windows server 2022 member server. I can create the policy settings just fine, but when i try to view the GP report in group policy management console, i get an error. I…
Restrict users to a single system
Dear Team, I have a domain of Windows server 2016 and all users have their roaming profile. I can see that users are unnecessary login in multiple systems when those are not in use and it is creating uncesessary profile creation in multiple machine. I…


Install MSI with "attached" JSON on startup - Through GPO
Good day folks! Been scouring the internet looking for solutions to this and have come up blank thusfar. PDQ Deploy does not work on our domain, likely due to firewall restrictions. I will eventually go through that process as a last result, but I'd…


Windows Firewall with polices from a GPO - Stay persistent with firewall disabled
Since the 1st of February, we have observed a new behaviour within an On-Prem AD and Windows 10. (After Patch Tuesday 31st Jan). For any GPO defined with setting: Computer Configuration/Policies/Windows settings/Security Settings/Windows Defender…


Adding FSLogix admx/adml templates to GPO when using Azure ADDS
I have AD management tools set up on a management server connecting to my Azure ADDS. I need to administer my FSLOGIX configurations for my AVD using GPO. Because it is ADDS here I cannot see the traditional DC or the SYSVOL. How can I add FSLogix…


Win11 22H2 Broke PINTOHOME GPO Logon Script
I use a script set to run at logon to pin network folders to quick access on user desktops. After this update users that logon no longer see their shared folders. I am guessing it is due to the quick access being changed to "Home" in Windows 11…
License Visual Studio comunity
Good morning I have a question if I can use Microsoft studio community commercially if my company does not have more than 250 computers and no more than 5 programmers and the second question I have about system libraries such as kernel 32 can I use them…


Storage sense policy is applied but the action fails.
Policy Applied: Allow Storage Sense = Enabled Configure Storage Sense cadence = Every day Configure Storage Sense Recycle Bin clean-up threshold = 30 days (although we should put that at 2 days for now so we can test it properly) Testing :- Day 1 -…

