Flux rss

Security Policies in Windows NT

They need your help

Understanding the notion of policy

Security policy is the set of all security rules that are to be implemented in an organisation, and the ways in which they are implemented. The user manager located in the Start Menu (Programs/Administration tools) contains the Policy tag, which includes three elements:

  • Account Policy, with options (check-box or radio buttons) for user connections (options for passwords)
  • User Rights Policy, which defines the permissions granted to each type of user
  • Audit Policy, which defines which events are to be recorded in a log file that can then be viewed with the Event Viewer.

Account Policy

Account Policy is used for selecting password options.

Every account requires a password to access network resources. Some rules are in place to guarantee the best possible security.

  • Assign a password to the Administrator account in order to prevent use of that account by an unauthorised person.
  • Determine who controls passwords. It is possible to assign a unique password to a user or give him or her the capability to change it after logging in for the first time, which allows the user to choose his or her own password.
  • Determine if an account should expire. It is helpful to create temporary accounts for temporary employees.
  • Avoid using obvious passwords (like the name of a parent or a pet)
  • Use a long password (up to 14 characters)
  • Alternate uppercase and lowercase. Passwords are case-sensitive.

Account Policy

The first section of the dialog box is for users' passwords. Passwords are a gateway into the system's security, so it is essential to encourage users to choose passwords that are at least somewhat difficult to guess.

Here are the options offered:

  • Password Restrictions
    • Maximum Password Age defines the length of time that the user may use the password before being required to change it.
    • Minimum Password Age prevents a user from changing the password too often.
    • Minimum Password Length ensures that the password is long enough to stop attempted intrusions.
    • Password Uniqueness: This option keeps a log file of all different passwords used, in order to force the user to choose an entirely new one when needed.
  • Account lockout
    • Lockout duration
      • Determines the number of consecutive failed login attempts before the system blocks the account, and the conditions for unblocking it (a length of time or administrator intervention).
  • The user must change his or her password the next time he or she logs in. The user is also supposed to change the password the first time he or she logs in. This ensures that the user is the only person who knows the password.
  • User cannot change password: If several people use the same user account, or if you want to retain control over passwords.
  • Password never expires: The password may not change. This option has priority over the first.
  • Account deactivated: For temporarily suspending an account.

User Rights Policy

User Rights Policy defines which permissions are granted to each type of user in the system.

Audit Policy

Audit Policy is used to audit certain events (meaning that it records them on the hard drive), or more precisely, to check whether certain system events have succeeded or failed.

Audit Policy appears as a dialog box where an administrator can simply check or uncheck boxes to set the desired policy.

Audit Policy in Windows NT

This document entitled « Security Policies in Windows NT » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the licence, as this note appears clearly.

Résultats pour Security Policies in Windows NT

Windows NT - User management Windows NT is an operating system which manages sessions, meaning that when the system is started, it is necessary to log in with a user name and password. When Windows NT is installed, the administrator account is created by default, as is an... en.kioskea.net/winnt/ntusers.php3
Windows NT - Introduction Windows NT (for "New Technology") is a 32-bit operating system developed by Microsoft. Windows NT's outward appearance makes it look a lot like Windows 95/98/Millennium, but Windows NT has a separately developed kernel. Because of this, Windows NT... en.kioskea.net/winnt/ntintro.php3
Windows NT 3.51 Server wont logon Hello, I don't know what I was thinking and it's actually my fault that I stuffed this thing up, but I decided to upgrade Windows NT Server 3.51 and now when I try and logon with my original password and user name which was upgraded from... en.kioskea.net/forum/affich-1383-windows-nt-3-51-server-wont-logon

Résultats pour Security Policies in Windows NT

[Windows NT]NT 4.0 SP2+:Enabling the DMA[Windows NT]NT 4.0 SP2+:Enabling the DMA Intro Enabling DMA on Windows NT 4.0 SP2 +: Check NT service pack Installation Intro Handling the DMA, for IDE drives is much more difficult under NT4 than under Windows 9x series. Unlike the... en.kioskea.net/faq/sujet-855-windows-nt-nt-4-0-sp2-enabling-the-dma
NTFS uses more disk space than FATNTFS uses more disk space than FAT Myth: Reality: Explanation: Microsoft invented both NTFS and FAT file system FAT is inherited from MS-DOS and Windows 95/98, while NTFS is inherited from Windows NT4. NTFS is the file system default... en.kioskea.net/faq/sujet-761-ntfs-uses-more-disk-space-than-fat
Disabling sharing of administrative taskDisabling sharing of administrative task By default all Microsoft Windows NT based operating system possess hidden administrative shares options, allowing the administrator of a machine to access the machine via the network. Here is... en.kioskea.net/faq/sujet-815-disabling-sharing-of-administrative-task
1 2 3 Next

Résultats pour Security Policies in Windows NT

Problem with include on windows NT serverHello, im on a windows NT server, and somehow, when i use the include methode include('../functions.php'); it doesn't find the functions.php page!! i have a file name post.php, it's in a folder, and i need to include the functions... en.kioskea.net/forum/affich-487-problem-with-include-on-windows-nt-server
NetBIOS name resolutionHello, What windows NT server service provides automated NetBIOS name resolution ? en.kioskea.net/forum/affich-3082-netbios-name-resolution
Changing filesystem to MacHello, I am trying to add music files to my external hard drive. The problem is that the external hard drive used to be on my PC and is running on a Windows NT file system. I would like to change the file system so it will work with my Mac. Anyone... en.kioskea.net/forum/affich-6522-changing-filesystem-to-mac
1 2 3 Next

Résultats pour Security Policies in Windows NT

Processes - winlogon - winlogon.exe winlogon.exe (winlogon stands for Windows LogOn Process) is a Windows NT/2000/XP generic process which manages log-on and log-off processes. The process winlogon is also active when the Windows Security window is open (shown when CTRL+ALT+DEL are... en.kioskea.net/processus/winlogon-exe.php3
Processes - ntvdm - ntvdm.exe ntvdm.exe (Windows 16-bit Virtual Machine) is a Windows NT/2000/XP generic process used for providing a 16-bit environment for old 16-bit applications. The process ntvdm is not in any way a virus, a worm, a Trojan horse, spyware, or adware. It is a... en.kioskea.net/processus/ntvdm-exe.php3
Processes - ntfrs - ntfrs.exe ntfrs.exe (ntfrs stands for NT File Replication Service) is a Windows NT/2000/XP generic process for managing file replication and synchronisation between multiple machines and servers. The process ntfrs is not in any way a virus, a worm, a Trojan... en.kioskea.net/processus/ntfrs-exe.php3
1 2 3 Next