Friday, 13 May 2016

Cannot Save Recovery Information for Bitlocker in Windows 7

How to enable Bitlocker using GPO.
1.       Open Group Policy Management Console and create a new Group Policy.
2.       Right click on the policy and click Edit; you will see a Group Policy Management Editor window.
3.       Expand Computer Configuration  à Policies àAdministrative Templates à Windows Components à Bitlocker Drive Encryption.
You should see the below policy options for Bitlocker:
image

4.       The policy we need to configure is: Provide Unique Identifiers for your organization.

5.       Under the Fixed Data Drive sectionEnable the below two policies as shown below. For more information on each policy refer to the Help tab for each policy.
image
6.       Under the Operating System Drive sectionEnable the below three policies as shown below. For more information on each policy refer to the Help tab for each policy.
      image
·         Require additional authentication at startup – Set this policy as per your requirement.
Configure TPM Startup; Configure TPM Startup PIN; Configure TPM Startup Key; Configure TPM Startup Key and PIN.
I f you want to use TPM + PIN as the startup type, see screen shot below.
                       image
7.       Under the Removable Data Drives section: Enable the three policies as shown below. For more information on each policy refer to the Help tab for each policy.
image
8.       Turn on TPM Backup to AD Domain Services.
In Group Policy Management Editor; Expand Computer Configuration  à Policies àAdministrative Templates à System à Trusted Platform Module Service
                         image
Apply the policy to the specific OU or Domain where on the computers you want to be enable Bitlocker.
Run gpupdate /force on the client machine and run rsop.msc to see if the policies are applied.
Posted by at No comments:

Video converters

AV to HDMI RCA Video+Audio Conv









VGA 2 HDMI 





HDMI 2 VGA





Posted by at No comments:

How to edit remote or another computer local group policy

Want to open up the MMC of a local Group Policy on a remote machine?
Simply go to Start Run and type:
gpedit.msc /gpcomputer: Computername
Posted by at No comments:

How to Disable the Wireless Hosted Network or Virtual AP Feature Via Group policy for windows 7

Windows 7 comes with a nifty feature that allows it to function as a wireless hotspot. For home users and technical enthusiasts, it's a cool feature. For paranoid network admins like me that feature is a problem. You don't want users opening up wireless APs inside your building or if they're remote, functioning as conduits for outsiders to piggyback into your networks.

To disable this function via group policy, create a new group policy or modify and existing one and go to Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Wireless Network (IEEE 802.11) Policies. right click on there and Create a new policy.



Now be careful what you select in here or else you'll wind up causing havoc for your wireless users.

Name your Wireless policy whatever you want, then go to the "Network Permissions" tab. Select the checkbox for "Don't allow hosted networks" and that will block the SoftAP feature.


Do not check the other boxes that I've marked in blue unless you want to lock down your users to only using your wireless APs (which will also block APs at airports, starbucks, etc). That "Only use group policy..." setting is bad news for your traveling employees.

Once these settings go into effect, the windows 7 clients may require a reboot or two before the changes kick in. These changes also will only work if they are using the default built in wlan client that comes with windows 7. (See checkbox setting on first tab of that policy window).
Posted by at No comments:

How to Disable the Wireless Hosted Network or Virtual AP Feature Via Group policy for windows 10

To enable or disable Internet Connection Sharing

  1. Open Group Policy Management Editor. To do so, click Start, and then in the Start Search box, type mmc gpedit.msc.
  2. In the navigation pane, open the following folders: Local Computer PolicyComputer ConfigurationAdministrative TemplatesNetwork, and Network Connections.
  3. In the details pane, double-click Prohibit use of Internet Connection Sharing on your DNS domain network.
  4. Do one of the following:
    • To enable the Group Policy setting, and disable ICS, click Enabled.
    • To disable the Group Policy setting, and enable ICS, click Disabled.
  5. Click OK to save your changes.
Posted by at No comments:
Subscribe to: Posts (Atom)