Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community

Which script (s) to run..

Copper Contributor


I'm new to this and noticed that in the scripts folder there is a local install one and a AD one. My logic is that I don't need to install both.  The AD one if I want to control the servers from AD or the local one if local control is desired. Please let me know what your experience  is:




3 Replies

@hello105 the AD Import is to bring all the security baselines into Group Policy (GPMC).  The Local script is to install on a test system so you can test and measure the effects on a secured machine.

Thanks Rick so if I like the effects the end result would be to apply the new group policy baselines on the OU with the applicable servers and install the local peace on all of the servers I want to harden?
If after testing the results on a test server you want to them push the baselines out you can run the AD import, link the newly imported GPOs to your clients or servers via OU, WMI filtering, etc