This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Replacing Desktop Authority with Group Policy

As some of you may or may not know I spent a large amount of time at my last company completely redoing Group Policy/Active Directory configurations.

Well as of two weeks ago I started a new job (60% more money, twice as much time off, 10 less hours of work a week, and a better corporate culture). The new company currently uses Desktop Authority as a supplement to Group Policy but many of the configurations used can just be applied through GP.

I prefer using GP for as much as I can especially in 2008R2+ domains, as such I plan on presenting a plan to slowly convert from GP + DA to completely using GP for our systems configurations.

Anyone who has done this, anything I should look out for or any reasons to not go ahead with this conversion?

***Information has been Flagged as Spam and has been Deleted. if you feel that the information deleted is not Spam please contact us or Reply to the Private message Sent. ****

  • Hi Aksar Bhai – 

    Congratulations on your new position! I am the Product Manager for KACE Desktop Authority (DA), so of course I think using our product is preferable to using native Microsoft tools for managing your new company’s group policies. 

    Many of our long standing and loyal customers continually mention the following considerations and reasons why they love using DA and how it delivers great value to them:

    1) Mobile User Management – with DA you can refresh policies (at logon, logoff, refresh – you pick) for users who are on or off network seamlessly. Especially when you have a revised or new policy designed to add security, having the assurance that off network employees will get added protection lets DA admins sleep better at night when the threat landscape has shifted as it inevitably does all the time. DA supports use of either AWS or Azure storage in order to enable this off network capability.
    2) Policy Granularity – DA has a patented and powerful advanced targeting engine – Validation Logic. DA admins love the simple graphical user interface that allows them to select which devices and associated users a given policy will be applied to without needing to manually write PowerShell or other advanced scripting or figure out the WMI filtering required to meet very granular level policy conditions.
    3) USB/Port Security – DA can control what is allowed into your network via USB and conversely what is allowed out. GP can’t manage USB security - so this is a massively valued feature to security-minded DA customers. 

    There are many user and computer settings that DA can manage more easily than MS native tools above and beyond the ones I just highlighted. I may have missed more than a few that are of importance to you so I hope you can take the time to learn more about DA before making any go forward decisions in your new company role.

    You can find all of our technical documentation here if you have not already located this information online:
    Since you are new to the product, I’d love to talk more with you about how DA as currently set up at your new company can help you succeed in your new position. I can help arrange some time with our sales engineering team who would be happy to ensure that you have all the information and assistance you need. Please feel free to contact me at