![]() A new group policy template (NetworkProvider.admx/adml) was also provided with the security update. This mechanism requires both the installation of the new security update and also the deployment of specific group policy settings to all computers on the domain from Windows Vista / Server 2008 (non-R2) or newer (the associated security patch to enable this feature was not released for Server 2003). Rationale: In February 2015, Microsoft released a new control mechanism to mitigate a security risk in Group Policy as part of the MS15-011 / MSKB 3000483 security update. However, using SMB encryption will render the targeted share paths completely inaccessible by older OSes, so only use this additional option with caution and thorough testing. Note: If the environment exclusively contains Windows 8.0 / Server 2012 (non-R2) or newer systems, then the 'Privacy' setting may (optionally) also be set to enable SMB encryption. The recommended state for this setting is: Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares. Information This policy setting configures secure access to UNC paths. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |