The purpose of this section of the site is to build and maintain a Group Policy administration (.adm) template that can be imported into Active Directory for the purpose of securing your systems. I will begin by populating the template with various SQL Server settings that can be used to force certain security options for default SQL Server instances as well as some registry hacks to prevent certain kinds of attacks (ie registry fixes for 0-day exploits like the one outlined here http://www.securityfocus.com/archive/1/378891/2004-10-19/2004-10-25/0 )
The current template has fixes for the Shell.Explorer Kill Bit and SQL Server policies for authentication type, logging mode, netlib support, and disallowing adhoc support for multiple providers. As suggestions come in, I will enhance the template and share it with the community so we can all make use of it.
If you have any ideas for new templates - please email meĀ (see the About page). I welcome any and all suggestions.
To install the ADM Template: 1. To start Group Policy, click Start and then click Run. In the Open box, type MMC and then click OK. 2. On the Console menu, click Add/Remove Snap-in. In the Add/Remove Snap-in dialog box, add Group Policy. Under the Group Policy Object, select Local Computer, and then click Finish. 3. Select Administrative Templates from either the Computer Configuration branch or the User Configuration branch. These two nodes of the Group Policy tree are parallel to the Default Computer and Default User policy profiles in