Network access: Restrict clients allowed to make remote calls to SAMID: oval:org.secpod.oval:def:80671 | Date: (C)2022-06-03 (M)2023-12-13 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to restrict remote RPC connections to SAM.
The recommended state for this setting is: Administrators: Remote Access: Allow .
Note: A Windows 10 R1607, Server 2016 or newer OS is required to access and set this value in Group Policy.
Note 2: If your organization is using Azure Advanced Threat Protection (APT), the service account, AATP Service will need to be added to the recommendation configuration.
Fix:
(1) GPO: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options\Network access: Restrict clients allowed to make remote calls to SAM
(2) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa!restrictremotesam
Platform: |
Microsoft Windows 10 |