I no longer work at Microsoft, so please don't bother leaving a comment here or trying to contact me through my MSDN blog.
You can find my new blog at http://www.technologytoolbox.com/blog/jjameson. My new site also provides copies of all posts from my MSDN blog.
Another Group Policy object that I use in the "Jameson Datacenter" (a.k.a. my home lab) is one that I created a couple of years ago in order to eliminate various warnings from the Microsoft Baseline Security Advisor (MBSA).
To automatically change the default security settings in the "Jameson Datacenter", I defined a Group Policy (named Default Security Settings Policy) with the following settings:
I don't know about you, but I haven't used Telnet in almost fifteen years -- back when I used to work on Unix systems ;-)
This Group Policy is linked to the entire domain (i.e. corp.technologytoolbox.com).
Note that I still use the Default Domain Controllers Policy to configure the security settings on the domain controllers (and thus domain accounts). In other words, the settings noted above only affect local accounts (e.g. COLOSSUS\Administrator, not TECHTOOLBOX\jjameson).