How do you manage and secure Active Directory domain controllers in a highly regulated, multi-domain environment?