• Home
  • Consulting
  • Contact Us
    • About this site
    • Contact Wayne
    • Media Room
    • Wayne’s Bio

SBSFAQ.COM

Supporting IT Pro's & MSP's since 2000

  • Blog
  • FAQs
  • Reviews
  • Downloads

SBS 2008 and SBS 2011 and MS16-072–The Solution

June 22, 2016 by Wayne Small 3 Comments

After posting earlier this week about MS16-072, I’ve done quite a bit of investigation and sought advice from fellow MVPs (Jeremy Moskowitz and Darren Mar-Elia) who focus on Group Policy.  Jeremy has a good post here that he’s done a lot more explanation on this change.

With respect specifically to SBS 2008 and SBS 2011 however, I’ve found that we can run Jeremy’s script but we need to make a minor change on SBS.

The modified version of the script is below and based on my testing, it appears to work and the SBS magic does not appear to undo it afterwards as I reported yesterday here

Import-Module GroupPolicy

Get-GPO -All | Set-GPPermissions -TargetType Group -TargetName “Domain computers” -PermissionLevel GpoRead

This will be the method I will use for our clients now.

Thanks so much for Jeremy Moskowitz and Darren Mar-Elia as they helped investigate what I was seeing and some sidetracks I took along the way.  Appreciate your help.

Share this:

  • Click to share on Facebook (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to print (Opens in new window)

Filed Under: Blog Tagged With: Microsoft, Patches, SBS 2008, SBS 2011

About The Author

Wayne has been working with Microsoft Server products in the SMB market for over 20 years. He has a passion for technology and been a Microsoft MVP for over 15 years. Read More…

Comments

  1. Jeremy Saunders says

    June 23, 2016 at 3:42 am

    You can also use my script: http://www.jhouseconsulting.com/2016/06/22/script-to-report-on-and-remediate-the-group-policy-security-change-in-ms16-072-1627

    Cheers,
    Jeremy

    Reply
  2. Kevin Royalty says

    June 25, 2016 at 9:29 am

    Wayne – i tried this on a test SBS2008 server and the import-module GroupPolicy returns an error about no valid module found. perchance do we need a certain version of powershell on sbs2008 for this to work?

    Reply
    • Wayne Small says

      June 25, 2016 at 5:02 pm

      Hi Kevin,
      I’ve tested using mainly on SBS 20011 – which has PowerShell 2.0 on it. Can you check what you have please?

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Connect Online With Us

  • Facebook
  • Twitter

Reviews

Splashtop – Cost Effective Remote Control Software

September 22, 2017 By Wayne Small 2 Comments

Western Digital DL4100 NAS

March 3, 2015 By Wayne Small Leave a Comment

SBS 2011 Configuring Certification Guide (70-169)

August 7, 2012 By Wayne Small 4 Comments

Site News

Exchange Bug Stops Mail Delivery in 2022

January 2, 2022

Huge bug found in Intel CPU that could permit hackers to steal your data

January 4, 2018

Recent Posts

  • MS Exchange Zero Day and RemotePowerShell Disabling on Admin accounts
  • Setup changes for Exchange 2016 and Exchange 2019
  • Bluetooth Mouse and Keyboard Randomly Stop Responding
  • Exchange Bug Stops Mail Delivery in 2022
  • How to open and search extremely large text log files

Tags

Antivirus Backup Business Focus Cloud Computing Community Conferences Disaster Recovery Exchange 2010 Exchange Server Future Products Hyper-V Installation Microsoft Migration Patches Personal Rants SBS 4.5 SBS 2000 SBS 2000 SP1 SBS 2003 SBS 2003 Premium SBS 2003 R2 SBS 2003 R2 Premium SBS 2003 R2 Standard SBS 2003 SP1 Premium SBS 2003 SP1 Standard SBS 2003 Standard SBS 2008 SBS 2008 R2 SBS 2011 SBS 2011 Essentials SBS 2011 Standard Security Service Packs ShadowProtect SMB Community Software Software I use StorageCraft Training TrendMicro Troubleshooting Virtualisation Windows Server 2012 Essentials

Terms of Use

Privacy Policy

Copyright © 2023 · Magazine Pro Theme on Genesis Framework · WordPress · Log in