LocalAccountTokenFilterPolicy

Question

LocalAccountTokenFilterPolicy

Deas-h opened this issue a year ago · comments

Would it be possible to add "LocalAccountTokenFilterPolicy" as a GPO? It is not 100% related to what you do here, but it enables on an standalone server a NOT builtin admin with enabled UAC to remotely access a server (for security scanning with Nessus or Rapid7).

https://docs.rapid7.com/nexpose/authentication-on-windows-best-practices

I searched the .admx and was not able to find this key so it should not be already implemented this time... :)

Thanks alot for your help!

Brgds Deas

Florian Stosse · Answer 1 · Fri Apr 21 2023 18:58:30 GMT+0800 (China Standard Time)

Hi,

It's not added in my ADMX because it already is available in the Microsoft SecGuide ADMX, but since I already ported several policies from there in my template, I guess I can add it too... :)

Deas-h · Answer 2 · Fri Apr 21 2023 19:28:02 GMT+0800 (China Standard Time)

Sorry, I was searching for that setting, but did not found an ADMX which contains it. Only with "secguide" added to the search I used before I am pointed to this ADMX. Thanks for your help! :)