cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Question Regarding Server 2022 Domain & Controller MSCT baselines

wbaumgardt
Copper Contributor

‎Jan 18 2024 05:37 AM

‎Jan 18 2024 05:37 AM

Question Regarding Server 2022 Domain & Controller MSCT baselines

I have a basic 'Newbie' question regarding the MSCT baselines.   I see the GPO for 'MSFT Windows Server 2022 - Domain Controller' and also 'MSFT Windows Server 2022 - Member Server'.  I just want to confirm that we should only apply the 'MSFT Windows Server 2022 - Domain Controller' policies to our DC's, and not the Member Server policies as well.  While this seems obvious, I just want to make sure.

Labels:
557 Views
0 Likes
4 Replies
Reply
4 Replies
AaronMargosis_Tanium

‎Jan 19 2024 09:14 AM

‎Jan 19 2024 09:14 AM

Re: Question Regarding Server 2022 Domain & Controller MSCT baselines

That is correct.
0 Likes
Reply
criiser

‎Apr 07 2024 10:50 PM

‎Apr 07 2024 10:50 PM

Re: Question Regarding Server 2022 Domain & Controller MSCT baselines

@AaronMargosis_Tanium - Does the MSFT replace "Default Domain Controller Policy" aswell? If not, Should MSFT be higher linked than Default Domain Controller Policy?

0 Likes
Reply
AaronMargosis_Tanium

‎Apr 09 2024 10:52 AM

‎Apr 09 2024 10:52 AM

Re: Question Regarding Server 2022 Domain & Controller MSCT baselines

@criiser - the recommended policies in the Security Compliance Toolkit baselines should take precedence over the built-in default GPOs. 

0 Likes
Reply