This policy setting allows you to restrict remote RPC connections to SAM. The recommended state for this setting is: Administrators: Remote Access: Allow . Note: A Windows 10 R1607, Server 2016 or newer OS is required to access and set this value in Group Policy. Note 2: If your organization is using Azure Advanced Threat Protection (APT), the service account, AATP Service will need to be added to the recommendation configuration. Fix: (1) GPO: Computer ConfigurationPoliciesWindows SettingsSecurity SettingsLocal PoliciesSecurity OptionsNetwork access: Restrict clients allowed to make remote calls to SAM (2) REG: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa!restrictremotesam

[O:BAG:BAD:(A;;RC;;;BA)]

(1) GPO: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options\Network access: Restrict clients allowed to make remote calls to SAM (2) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa!restrictremotesam