Threads Replies Last Post 7 Pages: 1  2  3  4  5  6  7   Safely change the Administrator accounts and names 2003 server Can I safely change the Domain Administrator account password and name and still have access to domain clients? I'm concerned that once I change the administrator account I won't have access to the clients and will have to bring them all back into the domain to get the GPO security back. Any cached policies would still be on the laptops untill they login into the domain correct? Do I even ne... 2 13.07.2007 04:56:45 Selective Security Wipe Wondering if anyone has a suggestion for how to perform selective deletion of data from multiple servers and volumes, that will meet DOD erasure standards when completed? One of our clients is not using our services any longer and has requested all data pertaining to their business, be deleted from any and all servers. Obviously backups will need to be addressed, but there are over 40 serve... 2 13.07.2007 04:53:04 Block Remote Control Hi; Working on Win2003, how do block the Remote Control in my user session. Tks. Alvaro... 8 12.07.2007 18:39:15 Domain Controllers grabbed Certificates from wrong Cert Authority we use a microsoft cert authority to allow Peoplesoft to authenticate against our AD. Another tech setup his out cert authority and now our DC's have all switched to that instead of the proper Cert Authority. How can i switch the domain controllers certificate to the proper cert. Is it as simple as revoke the bad cert disable the rogue cert authority then request new certs? ... 1 12.07.2007 16:32:00 Restrict AD-User to one X509 Certificate per Certificate template? Is it possible to configure an Windows 2003 Server CA-Template (V2) to restrict AD-users to have only one certificate issued per template at a time? Renewal should of course still be possible... ... 1 12.07.2007 16:18:59 File Security I have aW2K3 server that belongs to a domain. I would like to set security privileges for files with the authority being the directory that is the domain controller. However the locations only shows the local host (the server itself). What do I need to do to see the Directory from the domain controller > Thanks, RM. ... 2 12.07.2007 15:26:34 RPC Security Service fails to start on Windows 2003 Server Whenever I start this Windows 2003 Server, the RPC Security Service fails to start. Does anybody know what could cause this? What does this service do, and could be the consequences of this service not running? Is the server vulnerable without it? What steps could I take to make sure it does run? Thanks ... 2 12.07.2007 15:24:15 how to restrit some website Hello all, I have a computer. I would like to be able to restrict some unwanted sites.and how to reopen that particular website. Where can this setting be done globally for either the terminal services users or even just by specifying the machine names? Thanks for your help, ... 1 12.07.2007 03:49:25 Restrict users to one or two websites? Hello all, I have 4 computers which are remote point-of-sale terminals and they log into our system using terminal server. I would like to be able to restrict them to be able to get to the company website and our online timeclock sites ONLY. Where can this setting be done globally for either the terminal services users or even just by specifying the machine names? Thanks for your hel... 7 11.07.2007 18:48:44 Setting up LDAPS Does anyone have a link to information on how to setup LDAPS on a Windows 2003 domain? Thanks! ... 1 11.07.2007 18:41:38 Additional restrictions for unprivileged service accounts When I create service accounts, I tend to restrict their access as much as possible. In Active Directory domains, I follow Microsoft's A-G-DL-P model very strictly. For instance, I have a service account named "s-eporeviewer" that is a member of the global group "ggs-irtnognet-EpoDatabaseReviewers" (a business role), which in turn is a member of the domain-local group "dls-irtnognet-Sqlsvr... 1 11.07.2007 16:23:21 USER AND TERMINAL SERVER Hi! I have a user on a 2003 Server wich is member of group "users". I made this user member os group "users of remote desktop" to allow this user to logon from terminal server, but when I try it, appears a window telling I can't login because I have no permission. What can I do?. Thanks. ... 9 11.07.2007 09:42:15 Windows Server 2003 R2 CA Web Enrollment Missing Templates Hello, I have a Windows Server 2003 R2 Enterprise system setup with AD and as a CA. It also has IIS installed for Web Enrollment. However, even from the system itself, when I go to http://localhost/certsrv, request a certificate, advanced certificate request, submit a certificate request by using... the only templates I have available for enrollment are Basic EFS and User. I am log... 3 10.07.2007 22:22:00 MS Evaluation Copy 2003 R2 The Remote Installation Service is not available as an option on this evaulation copy. I do need to look at and evaulate it. Does anyone know where I can obtain the Remote Installation Service Files PS The option to install RIS is not on the Add/Remove programs as stated in the documentation. Thanks in advance.... 3 10.07.2007 21:36:42 Determining when an account last logged in Windows Server 2003 - I'm trying to find a way to determine when an account last logged in. I would have through I could have selected the account in question and selected properties and viewed that info there... perhaps on the Object tab, but no luck. Can I view this info or do I have to look through the event logs? ... 5 10.07.2007 18:14:43 Restricting service accounts that have administrator privileges I have a service account with administrator rights that I would like to restrict to just performing software installs. The account needs to be able to copy files to the administrative shares on the target computer (servers and workstations), then execute the setup program via RPC. Once installed, the software will run as a service in the LocalSystem security context. How might I restrict... 9 10.07.2007 18:12:54 stop access from one ethernet adaptor Hi all, I have a windows 2003 x64 standard server the system has 3 ethernet adaptors in it, one connected to our local network, one to our primary ISP and one to our Secondary ISP. the system is setup as a VPN Server and an Exchange 2007 server, I have run through the Security Configuration Wizard, and stopped services that i'm not going to be using on the server, however the server ... 1 10.07.2007 13:32:45 add permissions to all subfolders, not replace I'd like to add a security group to my Windows 2003 domain which is denied file permissions on all but one of my network's shared folders. I already have quite a large directory structure setup with varying permissions on the subfolders and these permissions need to be preserved. For example: Main Shared Folder (all domain users) Accounting (accountant only) Database (DB admin only) ... 2 10.07.2007 01:55:19 IAS + user smartcard + workstation certificate Hi ! I want wireless clients use PKI and IAS to get to network. My idea is workstation is verified via workstation-certificate before user use his smartcard (authentication via user certificate on his card). I know I can use workstation-certificate OR user-smartcard option. Is this possible to set it together as a access-sequence ? Thanks in advance Dominik ... 4 09.07.2007 12:32:17 W2K3 or W2K8: how to modify Enterprise RootCA + CertificateTemplates for "EV"-security/green-bar Hi, since "extended verification" (EV) and resulting green-bar in IE7 is just a matter of proper RootCA and ServerCert attributes I'm wondering how to enable EV-features for a W2K3 EnterpriseRootCA to display green-bar even for intranet SSL sites. Anybody got a clue how to? thanks! -- CU Thorsten Rood... 1 08.07.2007 22:57:46 Server caching credentials? I have renamed the Administrator account on my domain. I have one Windows Server 2003 server that refuses to allow me to log on with the renamed account. It will allow me to log on using the old account name and password only. All the other servers on my domain recognize the renamed account and password. Any advise on how to fix this would be appreciated. ... 4 07.07.2007 17:07:27 Administrator account Due to turnover in our IT shop we are trying to tighten up security. The first order of business is to do something with out Administrator account. The Administrator account was renamed a long time ago to a name within the naming scheme of the rest of the users. Since all of the people who left our shop know this account, what is the best way to change this? Should I rename the account a... 4 07.07.2007 04:43:49 sbs2003 and users rights on local computer This is a multi-part message in MIME format. ------=_NextPart_000_0020_01C7BEF0.9E541ED0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable hi all, i was wondering how you give rights to a user logging into a domain = computer, so that they can install software. I dont want them to have = admin rights all over the network, but do want them to... 7 07.07.2007 04:36:28 Event 531 We are getting the following event on only one of our many servers. Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 531 Date: 6/27/2007 Time: 11:25:00 PM User: NT AUTHORITY\SYSTEM Computer: {computername} Description: Logon Failure: Reason: Account currently disabled User Name: Domain: Logon Type: 3 Logon Process: Authz ... 2 06.07.2007 19:18:27 How to setup "Prevent interference of the session lock from application generated input" Hello: I would like to apply the following security setting on the existing windows machine. However the key was under HKCU, can you kindly let me know how can I set can apply to all users? HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop Key: Desktop Value Name: BlockSendInputResets Type: REG_SZ Value: 1 Thanks!... 1 06.07.2007 10:04:15 7 Pages: 1  2  3  4  5  6  7