Previous SQL Server Memory Management GPO Introduction Next

Group Policy Management

Group Policy Objects (GPOs) are the standard method for defining and enforcing security within Windows. The use of GPOs is expected by Auditors and Windows Administrators. DBAs and other people managing a SQL Server instance should seek to exploit GPO for security wherever practical.

More details about GPOs are given in GPO Introduction.

Advice about using a GPO to protect the filesystem is given in File and Folder GPO.

The table below shows where GPOs can be used within SQL FineBuild.

Item Comment
Setup Folder Permissions Set permissions for DBA and service accounts
Setup Group Membership Set membership of Windows Groups
Setup Group Rights Set Windows Rights and Privileges for Groups
Setup No SSL v3 Disable SSL v3
Setup No Windows Global Access Disable Windows Global Access to Server
Setup PoSh Trusted Host Setup PowerShell Trusted Host to allow PS remote execution
Setup Power Configuration Power Configuration adjusted to Maximum
Setup Registry Permissions Set Registry Key permissions
Setup Service Permissions Set Service Control permissions
Setup TLS 1.2 Enable TLS 1.2
Setup User Rights Set Windows Rights and Privileges for Users
Setup Windows Audit Specify Windows Audit options
Setup WMI Permissions Specify WMI Provider Key permissions

Copyright FineBuild Team © 2014 - 2017. License and Acknowledgements
Previous SQL Server Memory Management Top GPO Introduction Next

Last edited Mar 20 at 2:02 PM by EdVassie, version 6