WizYo Blog ! WizYo Sytes Net Tech Support
What a great place to share :) Here you will find flashes of brilliance caught for all the world to enjoy. .. Actually, these are brief articles describing how I fixed a problem. Every day, I find information online that helps me solve a mystery. So this is me giving back to the community. Thanks for stopping by.. and don't forget to tell your friends!

Domain Security Policy

some notes on enabling auditing to enhance domain security for Windows 2000 Active Directory:

Start .. Programs .. Administrative Tools .. Domain Security Policy
Windows Settings .. Security Settings .. Local Policies .. Audit Policy

Enable these Policies:
Audit account logon events
Audit directory service access
Audit logon events
Audit object access
Audit policy change

Start .. Run .. CMD .. OK

secedit /refreshpolicy machine_policy
secedit /refreshpolicy user_policy
  • Browse to folder requiring monitoring.
  • Right click folder and choose properties.
  • Select Security tab. Click Advanced...
  • Select Auditing tab
  • Click Add...
  • Change Look in: to local system name
  • Select Everyone from list and click OK
  • Choose items to monitor
    • Delete Subfolders and Files (Successful/Failed)
    • Delete (Successful/Failed)
    • Take Ownership (Successful/Failed)
  • Click OK
  • Check Reset auditing entries on all child objects and enable propagation of inheritable auditing entries.
  • Click OK
Monitor Security event log for alerts. Add or remove items to fit your specific requirements.

Keep in mind this is extra work for your servers and you may take a performance hit by enabling auditing.

 

 

( )

Friday, December 30, 2005


0 Comments:

Post a Comment

Back to top.

Home
WizYo
Sytes Net

Links
~hot~ Links


this site !

GuestBook
Guests

Free Hit Counter

Blog!

Tell a friend about Tech Support available here !

Free Phone with iTunes
- Previous -
 
- ASP.net Compiler Error BC30138 Solution
 
- Free eBay item listing template
 
- Adware and auto-run registry key (notes)
 
- Veritas 9.0 handy Reinstallation Patches
 
- Windows XP wouldn't allow network access
 
- Cheap website domain hosting
 
- Server 2003 Backup at your own risk !
 
- Norton Internet Security may go *bump* in the night
 
- unsolved emachine
 
- System(don't)Works with WinXP and Zip100
 
- Search -
 

 


it's private

 

This page is powered by Blogger. Isn't yours?