Protect user accounts
From: timpuri (anonymous_at_discussions.microsoft.com)
Date: 05/29/04
- Next message: Timo: "Restricting logon attempts"
- Previous message: Joel: "Roaming Profiles"
- Next in thread: Chriss3: "Re: Protect user accounts"
- Reply: Chriss3: "Re: Protect user accounts"
- Reply: Richard Mueller [MVP]: "Re: Protect user accounts"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 29 May 2004 11:15:25 -0700
Hi
In a singe-domain, single - forest impementation. How am I
able to protect useraccounts from hacking. For example: I
have a ou1 with users. I have another ou2 with users. I
have a security policy that locks user account after 5
failed logon attemps. Now if users in ou2 somehow would
get to know (or guess) another username from ou1 and they
wanted to do harm, they intentionally make five failed
logons as a user in ou1 and the account is locked.
I know
- we can define the computers netbios name, where user
only can logon
- we can make gpos "log on locally"
- we can make restricted group policy
But still. If you are in the same domain and you know the
username, you can try to logon and DCs' do as if defined
in the domain policy.
Thanks
Timo
- Next message: Timo: "Restricting logon attempts"
- Previous message: Joel: "Roaming Profiles"
- Next in thread: Chriss3: "Re: Protect user accounts"
- Reply: Chriss3: "Re: Protect user accounts"
- Reply: Richard Mueller [MVP]: "Re: Protect user accounts"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
