Added security policy

docs/explanation/index.md

@@ -17,4 +17,5 @@ AppArmor Profiles <apparmor>
 Network Shares <network-shares>
 Network Proxy <proxy>
 Certificates Auto-Enrolment <certificates>
+Security Policy <security-policy>
 ```

docs/explanation/security-policy.md

@@ -0,0 +1,39 @@
+# Case of the security policy
+
+Certain group policies are directly managed by **SSSD**. In such instances, **ADSys** is not involved at all. This is applicable to **Security Settings**.
+
+In Windows Group Policy Management Editor,you can locate these keys at `[FOREST.ROOT] > Computer Configuration > Windows Settings > Security Settings`
+
+Below is a table providing a non-comprehensive list of Security Settings defined in Windows, which are not managed by ADSys but receive partial support through SSSD.
+
+| Windows Setting |
+| --------------- |
+|**Account Policies > Password Policy**|
+|Enforce password history|
+|Maximum password age|
+|Minimum password age|
+|Minimum password length|
+|Password must meet complexity requirements|
+|**Account Policies > Account Lockout Policy**|
+|Account lockout duration|
+|Account lockout threshold|
+|Reset account lockout counter after|
+|**Local Policies > User Rights Assignment**|
+|Access this computer from the network|
+|Allow log on locally|
+|Allow log on through Remote Desktop Services|
+|Change the system time|
+|Change the timezone|
+|Deny access to this computer from the network|
+|Deny log on as a batch job|
+|Deny log on as a service|
+|Deny log on locally|
+|Deny log on through Remote Desktop Services|
+|Log on as a batch job|
+|Log on as a service|
+|Shutdown the system|
+|**Local Policies / Security Options**|
+|Administrator account status|
+|Shutdown: Allow system to be shut down without having to log on|
+
+Get more information on [SSSD](https://sssd.io/).