How Secure is a Domain Controller that is fully patched on a
default install of Windows 2003? When promoted the domain controller has
the two default policies, both of which are recommended not to be
modified. But there are things that could be done better for added
security. For example, NTLMv2 refuse NTLM and LM. Is it common
practice to add additional GPO’s to the DC OU? Or is DC protected
enough to where all that is needed to worry about are the member machines? If adding additional GPO’s to the DC OU, is there
anything that should definitely be avoided? Edwin |
- [ActiveDir] How Secure is a... Edwin
- Re: [ActiveDir] How Se... Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- RE: [ActiveDir] Ho... Tony Murray
- RE: [ActiveDir] How Se... deji
- RE: [ActiveDir] How Se... Ulf B. Simon-Weidner
- RE: [ActiveDir] Ho... Edwin
- RE: [ActiveDir] How Se... joe
- RE: [ActiveDir] How Se... Molkentin, Steve
- RE: [ActiveDir] How Se... neil.ruston
- RE: [ActiveDir] Ho... Ulf B. Simon-Weidner
- Re: [ActiveDir] Ho... Al Mulnick