Group Membership Enforcement
What is Group Membership Enforcement?
Group Membership Enforcement is a control for:
- Policy compliance
- Regulatory compliance
Group Membership Enforcement is a security control to prevent insider and external abuse. It is a security "Best Practice" to eliminate unnecessary privileged accounts. Although Group Membership Enforcement can be applied to any group, however 98% of the time it is applied to the Administrators Group. Group Membership Enforcement ensures membership to the Administrators Group is enforced at all times.
Before enforcing groups and users, you must first must run the Local User Inventory Policy . Running the policy discovers the resources that you can work with.Â
Always Include the Built-In Administrator
Always include the Built-In Administrator Account into the Local Administrator Group!