This document is intended as a step-by-step guide for installing and setting basic security settings for a
Domain Controller.
We will walkthrough basic settings and configurations, giving you a starting point to create and maintain a
secure Windows 2016 Domain Controller. We advise you use this guide in addition to other available
guides, supplementing this information with strategies outlined on the Microsoft Security site as well as
SANS, NSA and NIST. This will improve the security of your domain.
Do not consider your domain, or computers in your domain invincible from hacking, viruses or worms
because you set certain policies discussed in this guide. You must also keep current service packs,
updates, hot-fixes and security patches applied to the all systems on your network. Not merely Servers, but
also Workstations and any other network devices.
Following Microsoft best practices for security will reduce the chances of security breaches, but maintaining
good practices, end-user communication, and thorough documentation for your own environment is an
absolute necessity!
We hope you enjoy this document!
Install _ Secure Windows Server 2016 Domain Controller.pdf
