![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 19%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
7,023 questions
Hi,
When a user is added to the Protected Users group a number of additional security constraints/restrictions are applied to the account, which can break existing functionality, especially if the account is used as a service accounts. One of the main restrictions is that is applied is that NTLM authentication can't be used, if your applications are using NTLM then they will be inaccessible.
Have a look at the article below which contains the details of the additional restrictions that are applied. You will need to check if your applications will be impacted by these restrictions.
Gary.