Re: Using Group Policy to implement NIST security requirements for Federal government agencies

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
Date: Fri, 9 Jun 2006 07:21:43 -0700

The capability is not built into current versions of Windows, although
Windows comes close to having the required information available,
there is however not MS supplied way to present this at login.

"Bill Bradley" <wdbradley3@xxxxxxxxxxx> wrote in message
news:uGxUXT4iGHA.3440@xxxxxxxxxxxxxxxxxxxxxxx

I work for a Federal agency, and, we're being required to implement many of
the procedures in NIST Special Publication 800-53a, in particular the AC-9
Previous Logon Notification (The information system notifies the user, upon
successful logon, of the date and time of the last logon, and the number of
unsuccessful logon attempts since the last successful logon.).

Although NIST lists this as optional, we're being required to make this
work.

Is anyone aware of a GPO or other method to make this happen (MS doesn't
even admit to being able to do it)?

Thanks!

References:
- Using Group Policy to implement NIST security requirements for Federal government agencies
  - From: Bill Bradley

Prev by Date: Re: Deploy office 2003 to XP workstations
Next by Date: Re: GPO Does Not Function
Previous by thread: Using Group Policy to implement NIST security requirements for Federal government agencies
Next by thread: Re: Using Group Policy to implement NIST security requirements for Federal government agencies
Index(es):
- Date
- Thread

Relevant Pages

RE: Understaing Event Details in Windows NT
... LoginID is a unique hex value assigned to each logon session. ... cross-refrence the LoginID from a Successful Logon event with the same ... Randy Franklin Smith wrote a great series of articles for Windows & .NET ...
(Focus-Microsoft)
Re: How to force a logoff in a logon script?
... Windows has a registry key that governs which UI will be presented ... the unauthorized user cancels the logon dialog and goes away ... system, but complains that there was no cancel button, only an OK ...
(microsoft.public.windows.server.scripting)
Re: When utilizing "Switch User" the music "NEVER" Stops!
... 2004 Windows MVP "Winny" Award ... Switch User, changing logons and checking the top of Zone ... >logging onto the 2nd logon and then logging off and back ... >>NEVER stopped thru any of the screens ?? ...
(microsoft.public.windowsxp.general)
Re: Huh? "Login failure: the user has not been granted the requested logon type at this compute
... I'm a pretty experienced Windows user and programmer, ... the user has not been granted the requested logon type ... on the appropriate OU to see the Group Policy for that OU]. ... > administrators' group to the domain controller. ...
(microsoft.public.security)
Re: Server 2K3 Remote Desktop Access - is this right place?
... All roads for that particular error of 'You do not have access to logon to ... On Windows Server 2003, launch GPEDIT.MSC from Start -> Run. ... Drill down and expand the following for Local Computer Policy: ... > Strange - when I activate the Remote Desktop Terminal from the server, ...
(microsoft.public.win2000.advanced_server)