By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
It's recommended not to use the Default Domain GPO but what is the Default Domain Controller to be used for and would the same recommendation apply? I am thinking of applying Restricted Groups to some of the more sensitive groups in our domain and was wondering the best practice for this.
The issue is not to alter the default domain GPO but create your own GPOs with custom settings. Thus if you ever make a mistake, you can delete your GPO and still have the default one to fall back on.