What a great place to share :) Here you will find flashes of brilliance caught for all the world to enjoy. .. Actually, these are brief articles describing how I fixed a problem. Every day, I find information online that helps me solve a mystery. So this is me giving back to the community. Thanks for stopping by.. and don't forget to tell your friends!
Domain Security Policy
some notes on enabling auditing to enhance domain security for Windows 2000 Active Directory:
Start .. Programs .. Administrative Tools .. Domain Security Policy
Windows Settings .. Security Settings .. Local Policies .. Audit Policy
Enable these Policies:
Audit account logon events
Audit directory service access
Audit logon events
Audit object access
Audit policy change
Start .. Run .. CMD .. OK
secedit /refreshpolicy machine_policy
secedit /refreshpolicy user_policy
Browse to folder requiring monitoring.
Right click folder and choose properties.
Select Security tab. Click Advanced...
Select Auditing tab
Click Add...
Change Look in: to local system name
Select Everyone from list and click OK
Choose items to monitor
Delete Subfolders and Files (Successful/Failed)
Delete (Successful/Failed)
Take Ownership (Successful/Failed)
Click OK
Check Reset auditing entries on all child objects and enable propagation of inheritable auditing entries.
Click OK
Monitor Security event log for alerts. Add or remove items to fit your specific requirements.
Keep in mind this is extra work for your servers and you may take a performance hit by enabling auditing.
( )
Friday, December 30, 2005
0 Comments:
Back to top.