Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Greg.

« Terminal Services in Server 2008 Series. Our Most Popular Series is Also Available as an MCP Magazine Feature! | Main | Demo Videos on Server 2008's Hyper-V »

Bypassing Group Policy

Darren Mar-Elia, the GPOGuy, writes about some interesting ways that users can get around the application of Group Policy. None of these I'd been aware of before.

There's a rather compliacted method one can use involving DLL injection and intercepted registry calls. This was originally blogged about by Mark Russinovich here. That piece included a tool that...

...could be used to bypass GP application, but was eventually pulled once Winternals merged with Microsoft. Another enterprising individual here wrote and released a replacement for that tool and called it GPCul8r. Very interesting.

Darren concludes with a link to what he calls a "much easier way to disable Group Policy". This white paper discusses some known attack vectors that could be used also to bypass GP application.

Obviously, all of this is merely brought to you as...a...thought...experiment. Neither you, nor your users, woudl use this in practice...right?

Tags:    
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Greg Shields on December 19, 2007 12:30 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-windowsserver.com/type/mt-tb.cgi/572

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Greg Shields' Bio:

Greg Shields, is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008:  What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets.  Greg is a recipient of Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.