The Protected Users security group was introduced with Windows Server 2012 R2 and continued in Windows Server 2019. This group was developed to provide better protection for high privileged accounts from credential theft attacks. Members of this group have non-configurable protection applied. In order to use the Protected Users group, PDC should be running with a minimum of Windows Server 2012 R2…
In my last 2 posts I explain about Restricted RDP and Protected User Group features available in windows 2012 R2 directory service to protect your high-privileged accounts. Authentication Policies and Authentication Policy Silos also a feature available for windows server 2012 R2 directory services to protect your AD infrastructure’s high privileged accounts.
Let me explain in simple…
Active Directory is great tool, no doubt about it, administrators can do their magic to manage resources in infrastructure with it. But same time if someone able to gain access to AD account with privileges, easily they can use those across the domain joined resources. So the protection of the AD infrastructure is critical.
Microsoft continues with implementing new security features to the Active…
