GPO win 2016

Hi what is the best practice or template for a new domain gpo
Who is Participating?
Peter HutchisonSenior Network Systems SpecialistCommented:
I suggest setting user password and lockout policies in the Default Domain Policy, ideally a longish password length and complexity enbabled.

For PC and Server access, I suggest using Restricted Groups to restrict administrator access to them to specific user groups besides Domain Admins.

Password best practise

Securing Active Directory
Peter HutchisonSenior Network Systems SpecialistCommented:
Is this for DCs, member servers, PCs or users?

Best practise depends on what you want to achieve. It differs for each organisation.
wannabecraigAuthor Commented:
I'm setting up a new domain and I want to use the best security practice possible so this will apply to all default policies.
This is just a basic setup in a office so I've assigned all recommended policies which would have been designed for srv 2003 or 2008
Is there anything specific in 2016 by which the security can be enhanced ?
wannabecraigAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.