保护 Active Directory 的最佳方案Best Practices for Securing Active Directory

适用于:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

本文档提供实践者的视角,并包含一套实用的技术,可帮助 IT 管理人员保护企业 Active Directory 环境。This document provides a practitioner's perspective and contains a set of practical techniques to help IT executives protect an enterprise Active Directory environment. Active Directory 在 IT 基础结构中扮演关键角色,并确保不同网络资源在全球相互连接的环境中的协调性和安全性。Active Directory plays a critical role in the IT infrastructure, and ensures the harmony and security of different network resources in a global, interconnected environment. 所讨论的方法很大程度上基于 Microsoft 信息安全和风险管理 (ISRM) 组织的经验,该经验负责保护 Microsoft IT 及其他 Microsoft 业务部门的资产,并向所选数量的 Microsoft 全球500客户提供建议。The methods discussed are based largely on the Microsoft Information Security and Risk Management (ISRM) organization's experience, which is accountable for protecting the assets of Microsoft IT and other Microsoft Business Divisions, in addition to advising a selected number of Microsoft Global 500 customers.