Prevent internal Ldap Queries
what best method prevent internal domain users (non administrators) query ad info.
running powershell or other queries against active directory domain joined computer non administrative user must blocked.
thank you,
darshan
active directory not supposed host confidential data such restrictions not required.
you can tweak security permissions on ous , containers can revoke read permission non-admin users. however, need careful not impact ad-based applications when changing acls.
you can give more details: http://windowsitpro.com/active-directory/hiding-data-active-directory
this posting provided "as is" no warranties or guarantees , , confers no rights.
get active directory user last logon create active directory test domain similar production one management of test accounts in active directory production domain - part i management of test accounts in active directory production domain - part ii management of test accounts in active directory production domain - part iii reset active directory user password
Windows Server > Directory Services
Comments
Post a Comment