Some default AD settings, like the setting allowing all users to add workstations to your
domain, gives unnecessary privileges to users in your entity. When you install AD, review
the security configuration and make changes to fit your entity’s needs. You should also
review all user permissions to ensure you’re granting only the minimum level of access
needed.
By limiting permissions, malicious users are less likely to gain privileged access, and
employees at your entity are less likely to abuse privileges. To adjust default security
settings, you can manually change attribute values and permissions or use AD tools that help
you configure these settings.