Using Protected Groups to Secure Privileged User Accounts

Benefits Members of the Protected Users group who are signed-on to Windows 8.1 devices and Windows Server 2012 R2 hosts can no longer use: Default credential delegation (CredSSP) – plaintext credentials are not cached even when the Allow delegating default credentials policy is enabled Windows Digest – plaintext credentials are not cached even when they…

0

Using Authentication Policies to Restrict Privileged User Account Logons

Authentication policy silos and the accompanying policies provide a way to contain high-privilege credentials to systems that are only pertinent to selected users, computers, or services. Silos can be defined and managed in Active Directory Domain Services (AD DS) by using the Active Directory Administrative Center and the Active Directory Windows PowerShell cmdlets. The following…

0