http://www.sunbelt-software.com/ntsysadmin_list_charter.htm-----Original Message-----
From: Rogers, Jeff L (O&M) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:59 AM
To: NT System Admin Issues
Subject: RE: auditBTW: that's a LOCAL setting, otherwise, go to Active Directory users/groups if I remember correctly
Run| MMC | Add/Remove snap-in | Secpol | Automatically log off users when time expires
-----Original Message-----
From: Kevin Lundy [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 09:48
To: NT System Admin Issues
Subject: RE: audit
I think you have the right one below. But remember, that setting is a
computer setting, so you need to apply that policy to the appropriate
servers. Then in each user, define their hours (or use another GPO)I'm going to try it right now, but it may take a bit so that I can ensure
that the policy replicates prior to the login hours I define.-----Original Message-----
From: Shirley Laliberte [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:31 AM
To: NT System Admin Issues
Subject: RE: audit
You're reply prompts another question. I did restrict hours from 6:00 AM to
midnight. I noticed that if an individual did not logoff that all during
the night they were shown in the security log. I found a group policy
(windows 2000) that says to log off users after login time has expired.
This doesn't seem to be the key to force their logoff. Am I looking in the
wrong place???-----Original Message-----
From: Erik Brown [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:24 AM
To: NT System Admin Issues
Subject: RE: audit
I use it here because the old cleaning crew had a bad habit of trying to
access stuff on users PCs that weren't logged off. It helps to take care of
"memory" problems (people forget to log off...etc). It also keeps people out
while the backups are running.Erik
-----Original Message-----
From: Shirley Laliberte [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 9:04 AM
To: NT System Admin Issues
Subject: audit
Our auditors just wrote us up.
Here's their statement "The credit Union is not utilizing time/day
restrictions in Windows. These setting restrict users from gaining network
access during non-business hours. If not set appropriately, these accounts
can be exploited to gain unauthorized access to the network".We have not dial up connections to the network. The only thing we have
setup is to allow a connection to the Exchange server for internet email.
We have eight digit passwords and an account is locked out after 3 invalid
attempts.I don't believe having logon hour restrictions will improve security but I
would like other opinions.Opinions???
Shirley Laliberte
Quincy Municipal Credit Union
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Title: RE: audit
That
is correct, it's a local setting. That's why you need to apply the setting
via a Group Policy. Otherwise you would need to do it on each
system
- RE: audit Kevin Lundy
- RE: audit Shirley Laliberte
- RE: audit Shirley Laliberte
- RE: audit Scales, Shane G., SPC
- RE: audit Kevin Lundy
- RE: audit Ray Zorz
- RE: audit Shirley Laliberte
- RE: audit Kevin Lundy
- RE: audit Rogers, Jeff L (O&M)
- RE: audit Rogers, Jeff L (O&M)
- RE: audit Kevin Lundy
- RE: audit Roger Seielstad
- RE: audit jdipiet3
- RE: audit Phillips, Glen
- RE: audit Murray Freeman
- RE: audit Rogers, Jeff L (O&M)
- RE: audit Murray Freeman
- RE: audit Ray Zorz
- RE: audit Murray Freeman
- RE: audit Shirley Laliberte
- RE: audit Shirley Laliberte
