Tomster/Windows-Setup
1
0
Fork 0
mirror of https://github.com/TommyTran732/Windows-Setup.git synced 2024-09-19 09:54:50 -04:00
Code
9d01449374
Windows-Setup/Group Policies Objects/Default Domain Policy/Security Options.md
Tommy 9d01449374
LDAPS Enforcement 
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-06 04:29:12 -07:00

890 B
Raw Blame History

Security Options

Documentation: https://learn.microsoft.com/en-us/windows/security/application-security/application-control/user-account-control/settings-and-configuration?tabs=gpo

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

  • User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode -> Prompt for credentials
  • User Account Control: Only elevate executables that are signed and validated -> Enabled
  • User Account Control: Switch to the secure desktop when prompting for elevation -> Enabled (Docs says it is enabled by default, but it is off on my Parallels VM somehow)
  • Security setting -> Define -> Require signing (Follow this guide to setup LDAPS if you do not have key server: https://www.dvolve.net/blog/2019/12/using-lets-encrypt-for-active-directory-domain-controller-certificates/)