Setting up workstations reliably for SIEM instrumentation and scans

Fred Marshall
Fred Marshall used Ask the Experts™
on
I've been using GFILanguard and ManageEngine Eventlog Analyzer for a few years - reasonably successfully.
However, I've never been satisfied with my ability to set up a workstation RELIABLY.  
I've developed a checklist of settings to make.
I've written a PowerShell script to make settings.
I've installed agents.
On and on......
For GFI Languard, the most common error messages are: "Access denied" and "RPC Server unavailable" while, by far, most workstations are successful.

We recently changed from a peer-to-peer network to a domain.  So, now I'm revisiting in order to match up and am doing the "quarterly cleanup" of workstations that aren't connecting.

Anyway, the process isn't very satisfying and all of the research that I've done leads to what appear to be other people's guesses and incomplete checklists.
That's why I built another.  It appears time to refresh that in view of the domain environment.
So, I could use links to good instructions that are up to date and pertinent for domain-joined workstations.  I can well imagine setting up GPOs for this purpose and suggestions for those would be helpful.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I was looking for suggestions and didn't get a single one.  Too bad.
So, I thought I'd just post this "solution" so the question would't be deleted.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial