@nhatlt Could you elaborate on which information you think is "too much" for a valid domain user account?
Sensitive information is blocked already for standard users, some information could be protected further to harden the network against attackers trying to get as much information as possible (for example, enumeration of admin-group membership would be something you should look into).
For example: Even if a user can view most properties of a computer object, he will not see the stored Bitlocker Recovery Information or a saved Administrator Password (if you are using LAPS).
The information a user can see should never pose any security problem. At best, it helps an attacker with valid domain credentials to get more information about your network.
If an attacker sees all this information and your design is secure, you just helped him save some time. If your design ist not secure to begin with, hiding information won't make it more secure.