Local Logon and Local Administrators
GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Right Assignment
GPO Setting: Allow log on locally (used to define this user group)
GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Restricted Groups
GPO Settings: Administrators (used to define this user group)
Log On As a Service
GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\User Rights Assignment\Log on as a service
GPO Setting: NT SERVICE\ALL SERVICES
GPO Setting: Service Account
Desktop Lockout Configuration
GPO Path: User Configuration\Policies\Administrative Templates\Control Panel\Personalization
GPO Setting: Enable Screen Saver
GPO Setting: Force Specific Screen Saver (Screen saver executable name: C:\Windows\System32\scrnsave.scr)
GPO Setting: Password protect the screen saver
GPO Setting: Screen saver timeout (seconds: 180)
GPO Path: Computer Configuration\Policies\Administrative Templates\System\Group Policy
GPO Setting: Policy Setting: Configure user Group Policy loopback processing mode
RDP Configuration
GPO Path: Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile
GPO Setting: Windows Firewall: Allow ICMP exceptions
GPO Setting: Windows Firewall: Allow inbound Remote Desktop exceptions
GPO Path: Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Sessions Host\Connections
GPO Setting: Allow users to connect remotely by using Remote Desktop Services
GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Restricted Groups
GPO Setting: Remote Desktop Users (used to define this user group)
Firewall Allow ICMP (Ping) Requests
GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Windows Firewall with Advanced Security\Inbound Rules
GPO Setting: Custom > All programs > Protocol type: ICMPv4 > Allow the connection > Domain & Private > Name: ROOT – Allow – ICMPv4 Ping Requests
Login Banner
GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options
GPO Setting: Interactive logon: Message title for users attempting to log on
GPO Setting: Interactive logon: Message text for users attempting to log on
WARNING. You have accessed a private computer system. Unauthorized access, use, connection, or entry is not permitted and constitutes a crime punishable by law. We reserve the right to fully pursue criminal and civil legal penalties. All individuals using this computer system with or without proper authority are subject to having all their activities monitored and recorded. Anyone using this system implicitly consents to this monitoring. Any evidence of suspected criminal activity revealed by such monitoring may be provided to law enforcement officials.
-
Recent Posts
Categories
- Amazon CloudWatch
- Amazon Elastic Compute Cloud
- Amazon Virtual Private Cloud
- Amazon Web Services
- Ansible
- Apache
- Architecture
- Automation
- AWS Command Line Interface
- AWS Identity and Access Management
- Backups
- Barracuda Networks
- BIND
- BIOS
- Brocade
- Certification
- Cisco
- Cisco Unified Computing System
- Dell
- Dell Compellent
- Dell Lifecycle Controller
- Dell OpenManage Essentials 2.1
- Dell PowerEdge R630
- Distributed File System
- Documentation
- Domain Name System
- Dynamic Host Configuration Protocol
- EIGRP
- Fibre Channel
- File Services
- GitHub
- IEEE 802.1q
- Integrated Dell Remote Access Controller 8
- Intel
- Internet Information Services
- iSCSI
- Linksys
- Linktree
- Linux
- Microsoft Active Directory
- Microsoft Deployment Toolkit 2013
- Microsoft Exchange Management Shell
- Microsoft Exchange Server 2013
- Microsoft Exchange Server 2016
- Microsoft Failover Clustering
- Microsoft Group Policy Object
- Microsoft Hyper-V
- Microsoft Office 365
- Microsoft Windows 10
- Microsoft Windows Command Prompt
- Microsoft Windows PowerShell
- Microsoft Windows Server 2016
- Microsoft Windows Storage Server 2012
- Migration
- Multipath I/O
- Network
- Network Time Protocol
- Notepad++
- OSPF
- Python
- Red Hat Enterprise Linux 7
- RIP
- Scripting
- Service Account
- Services
- Storage Area Network
- Symantec Backup Exec 2012
- Symantec Endpoint Protection
- Technical Utilities
- Telnet
- Terraform
- Ubuntu
- Uncategorized
- Virtualization
- VLANS and Trunking
- VMware
- VMware ESXi 5.5
- VMware ESXi 6.0
- VMware ESXi 6.5
- VMware ESXi 6.7
- VMware PowerCLI
- VMware vCenter Converter
- VMware vCenter Server 5.0
- VMware vCenter Server 6
- VMware vCenter Server 6.0
- VMware vCenter Server 6.5
- VMware vCenter Server 6.7
- VMware vSphere 5.0
- VMware vSphere 6.0
- VMware vSphere 6.5
- VMware vSphere Update Manager 6.0
- VMware Workstation 11
- Windows Server 2019
- Windows Server Update Services
- Wireless Networking
Archives
- April 2023
- June 2022
- March 2022
- February 2022
- November 2020
- September 2020
- July 2020
- May 2020
- April 2020
- March 2020
- January 2020
- November 2019
- October 2019
- September 2019
- June 2019
- May 2019
- April 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- November 2017
- September 2017
- July 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- December 2015
- November 2015
- October 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- January 2015
- December 2014
- November 2014
- October 2014
- August 2014
- July 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- December 2012
- November 2012
- June 2012
- May 2012
- April 2012
Meta