Secure Windows Server user accounts

Protect your Active Directory environment by securing user accounts to least privilege and placing them in the Protected Users group. Learn how to limit authentication scope and remediate potentially insecure accounts.

Administrator

Azure

Windows Server

Module Objectives

After completing this module, you will be able to:

Configure and manage user accounts to limit security threats across an organization
Apply Protected Users settings, policies, and authentication silos to protect highly privileged user accounts
Describe and configure Windows Defender Credential Guard
Configure Group Policy to block the use of NTLM for authentication

Units

Introduction min
Configure user account rights min
Protect user accounts with the Protected Users group min
Describe Windows Defender Credential Guard min
Block NTLM authentication min
Locate problematic accounts min
Knowledge check min
Summary min

Prerequisites

Familiarity with managing Active Directory Domain Services security principals
Ability to edit Active Directory Group Policy settings
Experience performing basic Windows Server administration tasks