What are the new features and what has been resolved in GPOAdmin 5.15?
対策
New Features:
GPO Validation:
To ensure that the GPOs within your system are still required, you can setup an attestation process If a GPO has not been deployed within the specified date range, an email will be sent to the account designated as its manager to attest to its validity
Retention schedule for backups:
You can select to limit the backups to keep based on a specified number, age, or date. Backup retention settings apply to SQL configuration stores only
Email approval enhancement:
Ability to ensure that email approvals are processed only by users in Microsoft Exchange distribution groups who have the rights to do so. Validation is enabled in the email notification options in the Version Control properties and through the EnforceAccountValidation parameter in the Set-GmailSettings and Set-ExchangeSettings commands
Deployment restrictions:
Ability to restrict deployment windows by setting the day and time when users are allowed (or denied) to make modifications to objects. This functionality requires the delegation of the new Modify Change Window right, which allows administrators to set the change window and override it when required
Synchronization Target Editor updates:
Ability to view the source version number the target was last synchronized with in the Synchronization Target editor
Ability to synchronize to one or more individual targets from existing targets from within the Synchronization Target editor
Additional PowerShell commands:
Delete data from SMTP and workflow notification settings using:
Clear-GmailOptions -WorkflowOrSMTP
Clear-ExchangeOptions -WorkflowOrSMTP
Clear-SMTPOptions -WorkflowOrSMTP
Manage the live environment security using:
Get-LiveEnvironmentSecurity
Add-LiveEnvironmentSecurity
Remove-LiveEnvironmentSecurity
Clear-LiveEnvironmentSecurity
Manage the domain security using:
New-DomainACE
Get-DomainSecurity
Add-DomainSecurity
Remove-DomainSecurity
Clear-DomainSecurity
Get a list of failed deployments using:
Get-FailedDeployment
Manage the retention period for backups using:
Clear-BackupsByRetention
Set-BackupsRetention
Additional Reports:
Role Assignment report that allows you to determine which rights and roles a user is assigned both directly and indirectly through group membership.
All Actions report that allows you to report on multiple users, types of object and actions during a specified date range
Additional platform support:
Windows Defender Credential Guard NOTE: GPOADmin can run in environments that have Windows Defender Credential Guard enabled. However, due to a compatibility issue with our Autorun utility, GPOADmin must be installed manually using the GPOADmin.MSI file found with the installation CD or download package
Azure SQL Managed Instance
Miscellaneous Updates:
Restrict inheritance settings for notifications. This functionality requires the delegation of the new Block Notification Inheritance right which allows users to block inheritance of notification settings from the Version Control root to child containers and objects.
Replace the Scope of Management links in the source GPO with the links in the target GPO during a merge
View the group policy inheritance for the selected Scope of Management, including the location where they are linked and the order in which they will be applied
Addition of compliance status column for version controlled objects in the GPOADmin console
View failed deployments in the Failed Deployment folder located under the Search Folders.
View the synchronization source and target GPOs with their relevant domains in the GPOAdmin event log
Enforce naming conventions for all GPOs and WMI filters at the container level through the object’s property page
Delete data from SMTP and workflow notification settings
Resolved Issues:
GPO setting edits are not applied when a GPO is linked before the settings are deployed - 193039
Unregister and remove history does not delete data in the backup share - 194496
Newly created OU canonical name displays in the wrong order - 195029
GPO version incorrectly increments when an edit is not completed - 197644
Synchronization targets are duplicated when they are set using AD / ADLDS as the configuration
Store - 199061
Unable to modify live environment security after an upgrade - 200403
During a GPO merge, some extensions are not merged correctly - 200404
Register right on the live domain is required to merge GPOs - 202225
Registering a GPO results in permissions being out of sync in GPMC before the GPOs firstdeployment from GPOADmin - 207496
The GPO Comparison report does not function properly when policies are managed on different GPOADmin servers in the same console - 207635
Users granted live environment access through a non-domain users group are unable to import objects from the live environment - 207753
When merging GPOs to an existing GPO, the extension value in Active Directory is overwritten rather than merged - 210355
Workflow approvals are not processed in order when ADLDS is used as the configuration store - 214908
GPOADmin closes unexpectedly when running a GPO modeling report - 210143
Unable to merge GPOs between foreign domains - 194008
Unable to run the database creation scripts - 194347
Entering text in the search field in the Options dialogue causes GPOADmin to close unexpectedly - 199736
Email address must be set for users to see notifications in Notification manager. Users are not notified when adding notifications through PowerShell - 205078
Unable to make changes to the installation through Add / Remove Programs. Workaround: Launch the original installer and click the Change button - 191292
The Object Picker in the installer does not list Service Accounts - 189611
Option to enable SMTP notifications through Exchange is enabled with a new installation - 191328
Regardless of the number of assigned approvers, workflow buttons are only included in the first approver’s email - 703601