Security Templates (MCP Series)

Setup Security (Setup Security.inf)

The default security template created when an operating system is installed.

Domain Controller Security (DC Security.inf)

DC Security.inf is created when a server is promoted to a Domain Controller. DC Security.inf is a good starting point when creating a security template for a new Domain Controller. Be aware that applying the DC Security template will overwrite values (files, registry keys, services) changed by other programs.

Secure Template (Secure*.inf)


Example: securews.inf, securedc.inf

The Secure Template enforces restrictions that are unlikley to affect compatibility. Stronger passwords are required and account lockout settings are secured.

Highly Secure (hisec*.inf)

Example: hisecdc.inf

The Highly Secure Template enforces restrictions that are not enforced on the Secure Template. These restrictions include encryption and authentication levels. The hisec security template requires the use of IPSec as it applies the IPSec - Secure Server policy for IP communication.

* Where the asterisk can be:
  • WK - Workstation
  • WS - Workstation or Server
  • SV - Member Server
  • DC - Domain Controller

Popular posts from this blog

Get local computer UUID/GUID using Windows Powershell

gPLink and gPOptions

PSLoggedOn Getting Started on Windows Server 2008 R2