Title: RE: audit
Well, since no one has said it yet, I would strongly suggest to the auditors that they not be concerned. I sure wouldn't want our people having a good excuse for not working on our behalf 24 hours a day! (;-)
 
Murray
-----Original Message-----
From: Rogers, Jeff L (O&M) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:07 AM
To: NT System Admin Issues
Subject: RE: audit

I know that.  That's why I sent in the note.  It is enforceable with Win2K Advanced Server.  I've used it.
-----Original Message-----
From: Kevin Lundy [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:01
To: NT System Admin Issues
Subject: RE: audit

That is correct, it's a local setting.  That's why you need to apply the setting via a Group Policy.  Otherwise you would need to do it on each system.
-----Original Message-----
From: Rogers, Jeff L (O&M) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:59 AM
To: NT System Admin Issues
Subject: RE: audit

BTW: that's a LOCAL setting, otherwise, go to Active Directory users/groups if I remember correctly

Run | MMC | Add/Remove snap-in | Secpol | Automatically log off users when time expires

-----Original Message-----
From: Kevin Lundy [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 09:48
To: NT System Admin Issues
Subject: RE: audit



I think you have the right one below.  But remember, that setting is a
computer setting, so you need to apply that policy to the appropriate
servers.  Then in each user, define their hours (or use another GPO)

I'm going to try it right now, but it may take a bit so that I can ensure
that the policy replicates prior to the login hours I define.

-----Original Message-----
From: Shirley Laliberte [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:31 AM
To: NT System Admin Issues
Subject: RE: audit



Your reply prompts another question.  I did restrict hours from 6:00 AM to
midnight.  I noticed that if an individual did not log off that all during
the night they were shown in the security log.  I found a group policy
(windows 2000) that says to log off users after login time has expired.
This doesn't seem to be the key to force their logoff.  Am I looking in the
wrong place???

-----Original Message-----
From: Erik Brown [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 10:24 AM
To: NT System Admin Issues
Subject: RE: audit



I use it here because the old cleaning crew had a bad habit of trying to
access stuff on users' PCs that weren't logged off. It helps to take care of
"memory" problems (people forget to log off...etc). It also keeps people out
while the backups are running.

Erik

-----Original Message-----
From: Shirley Laliberte [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 9:04 AM
To: NT System Admin Issues
Subject: audit



Our auditors just wrote us up.
Here's their statement "The Credit Union is not utilizing time/day
restrictions in Windows.  These settings restrict users from gaining network
access during non-business hours. If not set appropriately, these accounts
can be exploited to gain unauthorized access to the network".

We have no dial-up connections to the network.  The only thing we have
set up is to allow a connection to the Exchange server for internet email.
We have eight digit passwords and an account is locked out after 3 invalid
attempts.

I don't believe having logon hour restrictions will improve security but I
would like other opinions.

Opinions???

Shirley Laliberte
Quincy Municipal Credit Union





http://www.sunbelt-software.com/ntsysadmin_list_charter.htm