Deploying LAPS
Blog post about deploying LAPS to your environment. Free security tool from Microsoft.
Windows 10 Security Baseline
Quick review on the Windows 10 (1703) Security Baseline from Microsoft.
Larger Sites tips
Configuring Change Notification Replication for faster replication and DNS Netmask ordering for use with subnets other than Class C
Deploy & Configure AGPM
Deploy AGPM using Group Managed Service Account and Least Privileged model.
Enable Recycle Bin & Get ready for GMSA
Before we get too deep in to configuring our nice domain service, we will enable a useful feature. The Recycle Bin. This allows us to quickly and easily restore an object we accidentally delete. Enabling the recycle bin just requires a forest functional of 2008 R2 or higher. We provisioned full 2016 so lets enable […]
NetBIOS and SMB1 – Kill them with fire
Using GPO to disable SMB1 and NetBIOS.
Security Logs – Archive them off
Keep a backup copy of your event logs in case something happens to your SEIM.
