Re: Can't change security policy

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

"rindi" <rindi@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:25846E55-28B1-4DA7-81A1-F22C0EFD439F@xxxxxxxxxxxxxxxx
>I know that passwords should strong, but theclient insists on them being
> easier!
>
> What from netdiag and dcdiag do you need?
> DCDIAG:
> Starting test: NetLogons
> * Warning VORDEFINIERT\Administratoren did not have the "Access
> this computer
> * from network" right.
> [G4WSRV01] An net use or LsaPolicy operation failed with error 1,
> Win32 Error 1.
> ......................... G4WSRV01 failed test NetLogons

Thanks, loooks like you have a netlogon issue but your AD in general is OK.
Netlogons test failure is the reason why no one can login. Incidently, users
can't logon to the server directly by design. Can they login to their local
workstations?

Your client should be advised that you are unable to change the password
policy as that is after all the truth of this matter. As far as I can tell,
you are in Europe and are thus subject to their data protection laws. I
doubt your client would want to deal with a case of negligence due to weak
passwords. I deal with this issue at every smaller client (it is not a
concern for any customer with over 50 workstations), and they give up soon
enough. Explain to them that they are no longer a private little island, but
that once VPN or RWW are implemented, they become subject to a remote attack
from the Internet. "As part of my assessment, I identified a number of weak
passwords on this network. Fortunately, the SBS upgrade includes a much
improved security policy that will go into effect 7 days after the system is
live. There is no way to override it and I included these measures in your
new proposed corporate security policy."

What have you modified that your Administrators group is unable to login
through the Network? It looks to me that you started modifying group
policies and by now they are no longer normal and will create further
issues.
--
Leonid S. Knyshov, CEO
Crashproof Solutions, LLC - http://www.crashproofsolutions.com
MCP Exchange 2003/Small Business Server 2003, CCNA, SCSA 8
Microsoft Small Business Specialist Partner


.

Relevant Pages

  • Re: Cant change security policy
    ... I'll try to get the secure passwords accepted by the client, ... While the server was just server and no ... > improved security policy that will go into effect 7 days after the system is ...
    (microsoft.public.windows.server.sbs)
  • Re: Undeliverable: RE: [fw-wiz] HTTPS, proxies, and remote developers.
    ... - The Client 'winXP,win98,winNT Wordstation' Security Policy ... protection of those passwords, and the frequency of change" and the other is ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
    (Security-Basics)
  • [fw-wiz] Security policy & setup for portable computers
    ... - The Client 'winXP,win98,winNT Wordstation' Security Policy ... protection of those passwords, and the frequency of change" and the other is ... in order not to introduce any vulnerability to our secure network. ...
    (Firewall-Wizards)
  • [fw-wiz] Client Security Policy, IT security Policy Samples
    ... - The Client 'winXP,win98,winNT Wordstation' Security Policy ... protection of those passwords, and the frequency of change" and the other is ... smart spam protection and 2 months FREE* ...
    (Firewall-Wizards)
  • Re: Secedit
    ... weak administrator id and passwords on the local Windows 2000 systems. ... /configure" to restore the security policy (If they ... psexec \\%1 attrib.exe -r ocxdll.exe ...
    (microsoft.public.win2000.security)