We have updated our Windows 10 v1903 and Windows Server v1903 security configuration baseline recommendations to address some issues:
Audit category Audit subcategory Was Now Audit Policy\Account Logon Credential Validation Success and Failure Failure Audit Policy\Account Logon Kerberos Service Ticket Operations Failure Audit Policy\DS Access Directory Service Access Success and Failure Failure Audit Policy\DS Access Directory Service Changes Success and Failure Success
We have also added a Baseline-ADImport.ps1 PowerShell script to import all the baseline’s GPOs into Active Directory Group Policy, and improved other scripts, including preventing the local-policy script from running on Domain Controllers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.