This is a short guide on how to create and configure some essentials GPO (and other stuff) to secure an Active Directory domain from the inside. This has become one of my basic setup when I start working on an AD domain. Most of the time, all of these GPO won’t disrupt anything but it’s always important to understand the environment and what the AD domain is hosting for the organization with all the softwares, to make sure that those security setting won’t break any old legacy applications. As always, do your homework before doing any changes in a production env.
This is not a complete guide by itself. It’s a quick and dirty patched up documentation for setting up basic security for an Active Directory domain. If you are into this kind of subject, look into Ping Castle or Purple Knight as a start, these are very usefull tools to help you make your AD more secure. There are so much more available for free!
Continue Reading →