Link to home
Start Free TrialLog in
Avatar of Carletto
CarlettoFlag for Italy

asked on

Microsoft Security Compliance Manager 4.0 compare policy

Hello to All of you,
I've been given a group policy baseline for window server 2008R2/2012R2 . I need to compare the actual policy with the new baseline.
  1. Can you please confirm that Microsoft Security Compliance Manager 4.0 is the right tool for this activity?
  2. Can I install this tool on a standalone PC with windows 7 and import both policy for the comparison?
thank you
Avatar of btan

Using SCM can do  1 to 1 comparison and you can do standalone and import the GPO.
you can import the two GPO in SCM and compare them. You'll see below and can also export the result in an Excel file.
Settings that differ
Settings that match
Settings only in First baseline
Settings only in Second baseline
other then that, to compare with "merged" GPOs which I see it as 1 -N comparison using SCM

Another more short summary in SCM steps in
Avatar of Carletto


Hi this is Exellent,
I took your message to my supervisor and he was fine with your message. Surely we will test and eventually implement it.

I have another question regarding SCM 4.0 and I hope you can help as well .

Can SCM 4.0 connect to a remote Windows 2012r2 and perform the comparison of the policy ? in few words avoiding the backup and import manually ?

the goal is to have something similar to nessus ( hopefuly SCM) that perform an audit the policy of all the windows server in the farm and compare them with the Baseline Security Policy .    

Thank you
Avatar of btan

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thank you, it helped me a lot.