I just saw my first report from a Microsoft RAP for GPO… The official name is "RAP as a Service for Group Policy"
I must say… what a load of crap or should I say cRAP. I hope the company didn’t pay much for it.
I don’t know if it is a flawed concept/scripts/analysis process or the engineer that did the review was just clueless about AD but I haven’t laughed this hard in some time.
If you are looking to burn up some money, please donate that money to my tip jar and avoid the GPO cRAP; your money will be better spent.
Go Microsoft Support Go!!!
LOL!
joe
Does seem to be an interesting sales process, would be more interested in a tool.
https://services.premier.microsoft.com/raas/gpo
ah but you haven’t explained why you think that. So now I am curious, and my chase up our TAM and ask for one. 🙂 We do the AD RAP each year, its actually handy (if only for the political side of being able to say “MS have checked our AD, its all good”)
I agree that there is value in the normal RAP process. It helps give you a general overview of what might be going on. I have been involved in many many many RAPs for many many many companies over the years and I have, of course, also encountered questionable Full RAP reports where I had to give the end customer a proper level set and understanding of what was in the report or outright argue with MSFT about it. I think it can vary based on the quality of the engineer but I have never seen anything so bad as this GPO specific RAP. After reading the report you would have thought the universe was coming to an end due to all of the RED and use of the word CRITICAL and FAIL. The really funny thing is that they performed the RAP without talking to a single person responsible for supporting Active Directory. Other than that little bit I cannot share any real specifics due to confidentiality agreements with customers etc but I will assure you that if the GPO environment was as bad off as what was implied by the report I would have a) already caught it as I am working with that account on other Wintel related remediations and b) I would have immediately lined the troops up to fix it all. Instead I read through the report chuckling most all of the way through.
joe
joe
Chuckle. I haven’t seen the output, but in my experience, its all well and good to make claims about what you should do to clean up GP. It’s another thing entirely to actual do it without completely horking up your environment. It takes *a lot* of work. And, I think folks have a tendency to overstate problems related to GP. In the end, it’s really about making sure that the configuration you expect on your endpoints actually shows up. The rest is gravy.
Darren
I concur Mr. GPO. 🙂
So, we got the GPO RAP done,. really just out of interest. wow, it is hard to see value in this, and indeed if you took the report blindly and at face value, you could actually screw up your environment addressing the so called ‘issues’. we have a plethora of low/medium risks but every single one of them was in reality just informational.
so for us it was no big issue to burn a few days premier consulting hours, but in its current state there is no way we got value from it. Apparently there are 2 variants of it, an onsite (which we did) and a full cloud based. I can’t see how the cloud based version could possibly be useful, you really need to be having discussions with the engineer. Thankfully we have a good relationship with the MS Premier engineers (they have been across our company for years), so we could just have a laugh at it.
I couldn’t believe it was as poor as you implied. but you where right.
I just call em as I see em. 😉