1 Reply Latest reply on Mar 4, 2014 3:39 PM by greatscott

    Using firewall rules to restrict domain controller promotion (DCPROMO)

    mark.a.ivy

      I am currently using McAfee HIPS on my domain controllers.  I am wanting to restrict dcpromo from being ran on a member server in the event an account in the domain gets compromised and someone tries to run dcpromo on a member server in order to get a copy of the AD database.  Has anyone tried to do this or have any suggestions on how to accomplish this?  I am also running virusscan and application control (solidcore).  Any help would be greatly appreciated!