Preparing a locked-down Active Directory Domain Services in Lync Server 2013

 

Topic Last Modified: 2012-05-14

Organizations often lock down Active Directory Domain Services to help mitigate security risks. However, a locked-down Active Directory environment can limit the permissions that Lync Server 2013 requires. Properly preparing a locked-down Active Directory environment for Lync Server 2013 involves some additional considerations and steps.

Two common ways in which permissions are limited in a locked-down Active Directory environment are as follows:

  • Authenticated user access control entries (ACEs) are removed from containers.

  • Permissions inheritance is disabled on containers of User, Contact, InetOrgPerson, or Computer objects.