Appendices

Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

Appendices are included in this document to augment the information contained in the body of the document. The list of appendices and a brief description of each in included the following table.

Appendix Description
Appendix B: Privileged Accounts and Groups in Active Directory Provides background information that helps you to identify the users and groups you should focus on securing because they can be leveraged by attackers to compromise and even destroy your Active Directory installation.
Appendix C: Protected Accounts and Groups in Active Directory Contains information about protected groups in Active Directory. It also contains information for limited customization (removal) of groups that are considered protected groups and are affected by AdminSDHolder and SDProp.
Appendix D: Securing Built-In Administrator Accounts in Active Directory Contains guidelines to help secure the Administrator account in each domain in the forest.
Appendix E: Securing Enterprise Admins Groups in Active Directory Contains guidelines to help secure the Enterprise Admins group in the forest.
Appendix F: Securing Domain Admins Groups in Active Directory Contains guidelines to help secure the Domain Admins group in each domain in the forest.
Appendix G: Securing Administrators Groups in Active Directory Contains guidelines to help secure the Built-in Administrators group in each domain in the forest.
Appendix H: Securing Local Administrator Accounts and Groups Contains guidelines to help secure local Administrator accounts and Administrators groups on domain-joined servers and workstations.
Appendix I: Creating Management Accounts for Protected Accounts and Groups in Active Directory Provides information to create accounts that have limited privileges and can be stringently controlled, but can be used to populate privileged groups in Active Directory when temporary elevation is required.
Appendix L: Events to Monitor Lists events for which you should monitor in your environment.
Appendix M: Document Links and Recommended Reading Contains a list of recommended reading. Also contains a list of links to external documents and their URLs so that readers of hard copies of this document can access this information.