Microsoft Security Compliance Manager 4.0 compare policy
Hello to All of you,
I've been given a group policy baseline for window server 2008R2/2012R2 . I need to compare the actual policy with the new baseline.
Carlo
I've been given a group policy baseline for window server 2008R2/2012R2 . I need to compare the actual policy with the new baseline.
- Can you please confirm that Microsoft Security Compliance Manager 4.0 is the right tool for this activity?
- Can I install this tool on a standalone PC with windows 7 and import both policy for the comparison?
Carlo
Using SCM can do 1 to 1 comparison and you can do standalone and import the GPO.
Another more short summary in SCM steps in http://terrytlslau.tls1.cc/2011/11/comparing-group-policy-by-security.html?m=1
you can import the two GPO in SCM and compare them. You'll see below and can also export the result in an Excel file.https://www.experts-exchange.com/questions/28491092/Microsoft-Security-Compliance-Manager-compare-baseline-to-multiple-GPOs.html
Settings that differ
Settings that match
Settings only in First baseline
Settings only in Second baseline
other then that, to compare with "merged" GPOs which I see it as 1 -N comparison using SCM
Another more short summary in SCM steps in http://terrytlslau.tls1.cc/2011/11/comparing-group-policy-by-security.html?m=1
Hi this is Exellent,
I took your message to my supervisor and he was fine with your message. Surely we will test and eventually implement it.
I have another question regarding SCM 4.0 and I hope you can help as well .
Can SCM 4.0 connect to a remote Windows 2012r2 and perform the comparison of the policy ? in few words avoiding the backup and import manually ?
the goal is to have something similar to nessus ( hopefuly SCM) that perform an audit the policy of all the windows server in the farm and compare them with the Baseline Security Policy .
Thank you
Carlo
I took your message to my supervisor and he was fine with your message. Surely we will test and eventually implement it.
I have another question regarding SCM 4.0 and I hope you can help as well .
Can SCM 4.0 connect to a remote Windows 2012r2 and perform the comparison of the policy ? in few words avoiding the backup and import manually ?
the goal is to have something similar to nessus ( hopefuly SCM) that perform an audit the policy of all the windows server in the farm and compare them with the Baseline Security Policy .
Thank you
Carlo