No, I’m not writing a book! It could easily be done, there is an enormous amount of information on the Interwebs about AD and Security. Instead, I want to put a couple of links in here for reference.
Firstly, a friend of mine, Laura Robinson, was the Lead Author of a whitepaper specifically dealing with this topic, download the Best Practices for Securing Active Directory.docx. It’s an awesome document well worth reading through.
Secondly, for those also running SCCM 2012 in their environment, here is a link to a very well written post about Windows Server and SCCM 2012 – Compliance Checking. Step by step on how to use SCCM to run a weekly check on *all* your servers, DCs or otherwise, to make sure they are compliant with your internal (or Microsoft’s) Best Practice.
Enjoy the light reading.
get IT right
Wayne
BNE MCT 