Your Complete Guide to Configuring a Secure Windows 2000 Network

Total Page:16

File Type:pdf, Size:1020Kb

Your Complete Guide to Configuring a Secure Windows 2000 Network 181_HPnew_FC 9/20/01 11:51 AM Page 1 1 YEAR UPGRADE BUYER PROTECTION PLAN ™ www.sharexxx.net - free books & magazines Your Complete Guide to Configuring a Secure Windows 2000 Network • Complete Coverage of Internet Information Services (IIS) 5.0 • Hundreds of Configuring & Implementing, Designing & Planning Sidebars, Security Alerts, and FAQs • Complete Coverage of Kerberos, Distributed Security Services, and Public Key Infrastructure Chad Todd Norris L. Johnson, Jr. Technical Editor From the authors of the bestselling HACK PROOFING™ YOUR NETWORK 181_SerSec2e_FM 9/20/01 1:07 PM Page i [email protected] With more than 1,500,000 copies of our MCSE, MCSD, CompTIA, and Cisco study guides in print, we continue to look for ways we can better serve the information needs of our readers. One way we do that is by listening. Readers like yourself have been telling us they want an Internet-based ser- vice that would extend and enhance the value of our books. Based on reader feedback and our own strategic plan, we have created a Web site that we hope will exceed your expectations. [email protected] is an interactive treasure trove of useful infor- mation focusing on our book topics and related technologies. The site offers the following features: I One-year warranty against content obsolescence due to vendor product upgrades. You can access online updates for any affected chapters. I “Ask the Author”™ customer query forms that enable you to post questions to our authors and editors. I Exclusive monthly mailings in which our experts provide answers to reader queries and clear explanations of complex material. I Regularly updated links to sites specially selected by our editors for readers desiring additional reliable information on key topics. Best of all, the book you’re now holding is your key to this amazing site. Just go to www.syngress.com/solutions, and keep this book handy when you register to verify your purchase. Thank you for giving us the opportunity to serve your needs. And be sure to let us know if there’s anything else we can do to help you get the maximum value from your investment. We’re listening. www.syngress.com/solutions 181_SerSec2e_FM 9/20/01 1:07 PM Page ii 181_SerSec2e_FM 9/20/01 1:07 PM Page iii 1 YEAR UPGRADE BUYER PROTECTION PLAN ™ Chad Todd Norris L. Johnson, Jr. Technical Editor From the authors of the bestselling HACK PROOFING™ YOUR NETWORK 181_SerSec2e_FM 9/20/01 1:07 PM Page iv Syngress Publishing, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the Work. There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work is sold AS IS and WITHOUT WARRANTY.You may have other legal rights, which vary from state to state. In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you. You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files. Syngress Media®, Syngress®, and “Career Advancement Through Skill Enhancement®,” are registered trademarks of Syngress Media, Inc. “Ask the Author™,” “Ask the Author UPDATE™,” “Mission Critical™,” “Hack Proofing™,” and “The Only Way to Stop a Hacker is to Think Like One™” are trademarks of Syngress Publishing, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies. KEY SERIAL NUMBER 001 AJNR2U394F 002 BKAER9325R 003 ZLKRT9BSW4 004 VKF95TMKMD 005 BWE9SD4565 006 CAL44GMLSA 007 XD2KLFW3RM 008 QM4VLR39P6 009 5MVREM56PK 010 9VNLA2MER3 PUBLISHED BY Syngress Publishing, Inc. 800 Hingham Street Rockland, MA 02370 Hack Proofing Windows 2000 Copyright © 2001 by Syngress Publishing, Inc.All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication. Printed in the United States of America 1 2 3 4 5 6 7 8 9 0 ISBN: 1-931836-49-3 Technical Editor: Norris L. Johnson, Jr. Cover Designer: Michael Kavish Co-Publisher: Richard Kristof Page Layout and Art by: Shannon Tozier Acquisitions Editor: Catherine B. Nolan Copy Editor: Darlene Bordwell Developmental Editor: Jonathan Babcok Indexer: Robert Saigh Freelance Editorial Manager: Maribeth Corona-Evans Distributed by Publishers Group West in the United States and Jaguar Book Group in Canada. 181_SerSec2e_FM 9/20/01 1:07 PM Page v Acknowledgments We would like to acknowledge the following people for their kindness and support in making this book possible. Richard Kristof and Duncan Anderson of Global Knowledge, for their generous access to the IT industry’s best courses, instructors, and training facilities. Ralph Troupe, Rhonda St. John, and the team at Callisma for their invaluable insight into the challenges of designing, deploying and supporting world-class enterprise networks. Karen Cross, Lance Tilford, Meaghan Cunningham, Kim Wylie, Harry Kirchner, Kevin Votel, Kent Anderson, Eric Green, Dave Dahl, Elise Cannon, Chris Barnard, John Hofstetter, and Frida Yara of Publishers Group West for sharing their incredible marketing experience and expertise. In addition, a special thanks to Janis Carpenter, Kimberly Vanderheiden, and all of the PGW Reno staff for help on recent projects. Mary Ging, Caroline Hird, Simon Beale, Caroline Wheeler,Victoria Fuller, Jonathan Bunkell, and Klaus Beran of Harcourt International for making certain that our vision remains worldwide in scope. Anneke Baeten and Annabel Dent of Harcourt Australia for all their help. David Buckland,Wendi Wong, Daniel Loh, Marie Chieng, Lucy Chong, Leslie Lim, Audrey Gan, and Joseph Chan of Transquest Publishers for the enthusiasm with which they receive our books. Kwon Sung June at Acorn Publishing for his support. Ethan Atkin at Cranbury International for his help in expanding the Syngress program. Joe Pisco, Helen Moyer, Paul Zanoli,Alan Steele, and the great folks at Graphic Services/InterCity Press for all their help. v 181_SerSec2e_FM 9/20/01 1:07 PM Page vi From the Author I would like to thank Paul Salas, coauthor of Administering Cisco QOS for IP Networks by Syngress Publishing, for introducing me to the folks at Syngress and Chris Jackson for his support and encouragement. I would also like to thank the authors of Configuring Windows 2000 Server Security, Thomas Shinder, Debra Shinder, and Lynn White, for providing the foundation for this book. Finally, a thank you to the editors that made this book possible—Jon Babcock, Catherine Nolan, Norris Johnson, Thomas Llewellyn, and Melissa Craft. I would also like to thank my wife Sarah who is a tremendous help in my work and supportive of the numerous hours spent on my various projects.Without Sarah’s loving support, I would not be able to accomplish my personal or professional goals. 181_SerSec2e_FM 9/20/01 1:07 PM Page vii Author Chad Todd (MCSE, MCT, CNE, CNA,A+, Network+, i-Net+) is a Systems Trainer for Ikon Education Services, a global provider of tech- nical training. He currently teaches Windows 2000 Security classes. In addition to training for Ikon, Chad also provides private consulting for small- to medium-sized companies. Chad writes practice tests for Boson Software and is the coauthor of Test 70-227:Installing, Configuring, and Administering Microsoft Internet Security and Acceleration (ISA) Server 2000, Enterprise Edition. Chad first earned his MCSE on Windows NT 4.0 and has been working with Windows 2000 since its first beta release. He was awarded Microsoft Charter Member 2000 for being one of the first 2000 engineers to attain Windows 2000 MCSE certification. Chad lives in Columbia, SC with his wife Sarah. Technical Editor Norris L. Johnson, Jr. (MCSE, MCT, CTT,A+, Network +) is a Technology Trainer and Owner of a consulting company in the Seattle- Tacoma area. His consultancies have included deployments and security planning for local firms and public agencies. He specializes in Windows NT 4.0 and Windows 2000 issues, providing planning and implementation and integration services. In addition to consulting work, Norris is a Trainer for the AATP program at Highline Community College’s Federal Way,WA campus and has taught in the vocational education arena at Bates Technical College in Tacoma,WA. Norris holds a bachelor’s degree from Washington State University. He is deeply appreciative of the guidance and support pro- vided by his parents and wife Cindy while transitioning to a career in Information Technology. vii 181_SerSec2e_FM 9/20/01 1:07 PM Page viii Contributors Dr. Thomas W. Shinder, M.D. (MCSE, MCP+I, MCT) is a Technology Trainer and Consultant in the Dallas-Ft.Worth metroplex. He has consulted with major firms, including Xerox, Lucent Technologies, and FINA Oil, assisting in the development and implementation of IP-based communica- tions strategies.Tom is a Windows 2000 editor for Brainbuzz.com, a Windows 2000 columnist for Swynk.com, and is the author of Syngress’s bestselling Configuring ISA Server 2000 (1-928994-29-6). Tom attended medical school at the University of Illinois in Chicago and trained in neurology at the Oregon Health Sciences Center in Portland, OR.
Recommended publications
  • Microsoft Windows 95 Reviewer’S Guide
    1 CHAPTER 10 Systems Management Windows 95 is the first version of Windows expressly designed for manageability. The design ensures that management of the Windows 95 PC is accessible both locally and remotely via a privileged network manager. Network security is used to determine administrator-privileged accounts using pass-through security. Windows 95 also provides for PC users to be logically separated from the underlying configuration of their PCs so that the PC and user configurations and privileges can be managed independently. As a result, network managers can allow users to “rove” on the network—that is, log on from virtually any PC on the network and then operate from a desktop that has the correct settings and network privileges. The logical separation also means that a single PC can be shared by multiple users, each with a different desktop configuration and different network privileges. Given the proliferation of PCs connected to corporate networks, the Windows 95 PC must be able to participate in any network-wide management schemes. Windows 95 is designed to meet various network management criteria by providing built-in support for several of the key network management standards. With this infrastructure built into Windows 95, network management applications will be able to provide tools for network managers to keep PCs and networks running more efficiently and cost effectively. Open management interfaces are key to the management implementation in Windows 95. Where a standard exists, Windows 95 implements an enabling technology to embrace the standard—for example, an SNMP agent is supplied to enable remote management of Windows 95 PCs via any number of third-party SNMP consoles.
    [Show full text]
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
    [Show full text]
  • Software Deployment by GPO the Next Area to Look at Is Software Deployment Gpos
    MCITP 70-622 Exam Cram: Supporting and Troubleshooting Applications on a Associate Publisher Windows Vista® Client for Enterprise Support Technicians David Dusthimer Copyright © 2008 by Que Publishing All rights reserved. No part of this book shall be reproduced, stored in a retrieval sys- Executive Editor tem, or transmitted by any means, electronic, mechanical, photocopying, recording, or Betsy Brown otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every Development Editor precaution has been taken in the preparation of this book, the publisher and authors Box Twelve assume no responsibility for errors or omissions. Nor is any liability assumed for dam- Communications, Inc. ages resulting from the use of the information contained herein. ISBN-13: 978-0-7897-3719-9 Technical Editors ISBN-10: 0-7897-3719-1 Chris Crayton Pawan Bhardwaj Library of Congress Cataloging-in-Publication Data Mancuso, Paul. Managing Editor MCITP 70-622 exam cram / Paul Mancuso, David Miller. Patrick Kanouse p. cm. Project Editor ISBN 978-0-7897-3719-9 (pbk. w/cd) Seth Kerney 1. Electronic data processing personnel—Certification. 2. Microsoft software— Examinations—Study guides. 3. Microsoft Windows (Computer file) I. Miller, David. Copy Editor II. Title. Chuck Hutchinson QA76.3.M3245 2008 005.4’46—dc22 Indexer 2008016537 WordWise Printed in the United States of America Publishing, Inc. First Printing: May 2008 Trademarks Proofreader All terms mentioned in this book that are known to be trademarks or service marks Kathy Ruiz have been appropriately capitalized. Que Publishing cannot attest to the accuracy of this information.
    [Show full text]
  • System Policies to Group Policies: Issues, Improvements, and Best Practices, Part 2
    84-02-07 DATA SECURITY MANAGEMENT SYSTEM POLICIES TO GROUP POLICIES: ISSUES, IMPROVEMENTS, AND BEST PRACTICES, PART 2 Melissa Yon INSIDE Dealing with Existing NT4 System Policies; Comparing System Policy to Group Policy; Windows 2000 Clients Without Active Directory, or Active Directory with Downlevel Clients; Group Policy Best Practices INTRODUCTION Part 1 (84-02-06) of this article series discussed the planning and designing of group policies. The goal was to make you aware of Group Policies, how to configure Group Policies, and how to link Group Policies to sites, domains, or organizational units (OUs) so they will be processed. This ar- ticle is a continuation of Part 1 (84-02-06) but addresses issues with clients who already process System Policies, applying a security policy to down- level clients, and best practices when enabling Group Policies on Win- dows 2000 Active Directory. DEALING WITH EXISTING NT4 SYSTEM POLICIES PAYOFF IDEA NT4 System Policies are the precursor If one’s company has never used System Policies, to Windows 2000 Group Policies. In then one is starting with a clean slate. However, if NT4, there are greater than 70 differ- implementing System Policies, there may be sev- eral things in the registry that no longer need to be ent settings through System Policy to a there. You will need to evaluate your environment machine, user, or a NT group of users. and decide if you want to implement Group Poli- While this addition to Windows is a cies over the System Policies, or if you need a very big step in the right direction, it clean install of the operating system before ap- plying Group Policies.
    [Show full text]
  • Windows Server 2008 and Windows Vista Ebook
    ● ● ● ● ● ● ● ● ● ● ● How to access your CD files The print edition of this book includes a CD. To access the CD files, go to http://aka.ms/625143/files, and look for the Downloads tab. Note: Use a desktop web browser, as files may not be accessible from all ereader devices. Questions? Please contact: [email protected] Microsoft Press PUBLISHED BY Microsoft Press A Division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2008 by Derek Melber All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Library of Congress Control Number: 2008920568 Printed and bound in the United States of America. 1 2 3 4 5 6 7 8 9 QWT 3 2 1 0 9 8 Distributed in Canada by H.B. Fenn and Company Ltd. A CIP catalogue record for this book is available from the British Library. Microsoft Press books are available through booksellers and distributors worldwide. For further infor- mation about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/mspress. Send comments to [email protected]. Microsoft, Microsoft Press, Active Desktop, Active Directory, ActiveX, BitLocker, Excel, FrontPage, HotStart, InfoPath, Internet Explorer, NetMeeting, OneNote, Outlook, PowerPoint, SideShow, Visio, Visual Basic, Visual Studio, Windows, Windows Live, Windows Media, Windows NT, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
    [Show full text]
  • Server Operating System
    Server Operating System ® White Paper Guide to Microsoft® Windows NT® 4.0 Profiles and Policies © 1997 Microsoft Corporation. All rights reserved. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. Microsoft, the BackOffice logo, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other product or company names mentioned herein may be the trademarks of their respective owners. Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA 0997 Abstract This guide provides information and procedures for implementing Microsoft® Windows NT® 4.0 Profiles and Policies on client workstations and servers. A Microsoft Windows NT 4.0 User Profile describes the Windows NT configuration for a specific user, including the user’s environment and preference settings. A System Policy is a set of registry settings that together define the computer resources available to a group of users or an individual. With the addition of System Policies and the new User Profile structure to Windows NT 4.0, network administrators have a greater ability to control the user environment than they have ever had before. This document provides the details that administrators need to know to implement a rollout of User Profiles and System Policies under Windows NT 4.0.
    [Show full text]
  • Mastering Windows XP Registry
    Mastering Windows XP Registry Peter Hipson Associate Publisher: Joel Fugazzotto Acquisitions and Developmental Editor: Ellen L. Dendy Editor: Anamary Ehlen Production Editor: Elizabeth Campbell Technical Editor: Donald Fuller Electronic Publishing Specialist: Maureen Forys, Happenstance Type-O-Rama Proofreaders: Nanette Duffy, Emily Hsuan, Laurie O'Connell, Yariv Rabinovitch, Nancy Riddiough Book Designer: Maureen Forys, Happenstance Type-O-Rama Indexer: Ted Laux Cover Designer: Design Site Cover Illustrator: Sergie Loobkoff Copyright © 2002 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. The author(s) created reusable code in this publication expressly for reuse by readers. Sybex grants readers limited permission to reuse the code found in this publication or its accompanying CD-ROM so long as the author is attributed in any application containing the reusable code and the code itself is never distributed, posted online by electronic transmission, sold, or commercially exploited as a stand-alone product. Aside from this specific exception concerning reusable code, no part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher. First edition copyright © 2000 SYBEX Inc. Library of Congress Card Number: 2002100057 ISBN: 0-7821-2987-0 SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries. Mastering is a trademark of SYBEX Inc. Screen reproductions produced with FullShot 99. FullShot 99 © 1991-1999 Inbit Incorporated. All rights reserved.FullShot is a trademark of Inbit Incorporated.
    [Show full text]
  • A Records, 244–245, 279 -A Switch in Nbtstat, 190 in Netstat, 186 AAS Deployment Package, 710 .Aas Extension, 712 Abstract
    22_InsideWin_Index 13/3/03 9:50 AM Page 1269 Index A A records, 244–245, 279 ACEs (Access Control Entries) -a switch access masks in, 568–570 in Nbtstat, 190 command-line tools for, 572–576 in Netstat, 186 for cumulative permissions, 577 AAS deployment package, 710 for deny permissions, 578 .aas extension, 712 inheritance in, 579–580, 725–728 Abstract classes, 299–300 object ownership in, 572 Accelerated Graphics Port (AGP) adapters, 164 viewing and modifying, 570–571 Access Control Entries. See ACEs (Access ACKs in DHCP, 101–102 Control Entries) ACL Editor, 570, 723 Access control lists (ACLs) Advanced view in Active Directory security, 732–734 for inheritance, 578, 581 objects in, 339 for ownership, 572 in security descriptors, 559 for special permissions, 723–724 Access Control Settings window, 728 Edit view, 725–726 Access masks for permissions inheritance, 578 in ACEs, 568–570 blocking, 579 in DSOs, 733 settings for, 581 Access requests in Kerberos, 621 viewings, 582 Access rights. See also Permissions ACLs (access control lists) in Active Directory security in Active Directory security, 732–734 delegation, 729–732 objects in, 339 types of, 724–725 in security descriptors, 559 for group policies, 682 ACPI (Advanced Configuration and Power Access tokens Interface) contents of, 560–561 compatibility of, 23–28, 148–149 local, 559 kernel version for, 135 SIDs in, 559, 561, 581 for PnP,17, 147–149 ACCM (Asynchronous-Control- ACPIEnable option, 149 Character-Map), 1124 Activation Account domain upgrades, 496–498 in IA64, 130 BDC, 494–496 in installation, 49–50 PDC, 490–493 unattended setup scripts for, 95 Account lockout policies Active Directory, 238 in domain design, 429 bulk imports and exports in, 353–356 in password security, 593–594 DNS deployment in, 242–243 Account logons, auditing, 647 DNS integration in, 238–239 Account management, auditing, 511, 648 dynamic updates, 244–245 Accounts in domain migration.
    [Show full text]
  • Writing Custom ADM Files for System Policy Editor Page 1 of 4
    KB225087 - Writing Custom ADM Files for System Policy Editor Page 1 of 4 Knowledge Base Writing Custom ADM Files for System Policy Editor PSS ID Number: 225087 Article Last Modified on 6/24/2004 The information in this article applies to: Microsoft Windows NT Server 4.0 Terminal Server Edition Microsoft Windows 2000 Server Microsoft Windows 2000 Advanced Server Microsoft Windows NT Server 4.0 Microsoft Windows NT Server, Enterprise Edition 4.0 This article was previously published under Q225087 IMPORTANT : This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 Description of the Microsoft Windows Registry SUMMARY This article is a guide for writing custom ADM files for use with System Policy Editor. System Policy Editor's interface, comprised of all of the books, check boxes, and text boxes you see when you open a computer or user of group policy, is created with a template. The system policy template, or ADM file, is a simple program that instructs System Policy Editor what books, check boxes, and other input controls to present to the administrator. For more information about writing an ADM file for group policy, see the white paper ("Implementing Registry- Based Group Policy") at the following Microsoft Web site: http://www.microsoft.com/WINDOWS2000/techinfo/howitworks/management/rbppaper.asp MORE INFORMATION Templates Specify the Registry Change There are two default templates included when you install Windows NT.
    [Show full text]
  • Guide to Understanding the Group Policy.Pdf
    Step-by-Step Guide to Understanding the Group Policy Feature Set Page 1 of 17 Windows 2000 Server Step-by-Step Guide to Understanding the Group Policy Feature Set Operating System Abstract Group Policy is the central component of the Change and Configuration Management features of the Microsoft® Windows® 2000 operating system. Group Policy specifies settings for groups of users and of computers, including registry-based policy settings, security settings, software installation, scripts (computer startup and shutdown, and log on and log off), and folder redirection. This paper is a technical step-by-step guide of the capabilities of Group Policy. It is intended for IT managers, system administrators, and others who are interested in using Group Policy to manage users' desktop environments. Introduction This document is part of a set of step-by-step guides that introduce IT managers and system administrators to the features of the Windows 2000® operating system. This document presents a brief overview of Group Policy, and shows how to use the Group Policy snap-in to specify policy settings for groups of users and of computers. It includes information on: l Configuring the Group Policy snap-in. l Creating and managing Group Policy objects. l Setting options for registry-based policy, scripts, and loopback policy. l Using security groups with Group Policy. l Linking multiple Group Policy Objects. l Blocking and enforcing Group Policy. Group Policy and the Active Directory In Windows 2000, administrators use Group Policy to enhance and control users' desktops. To simplify the process, administrators can create a specific desktop configuration that is applied to groups of users and computers.
    [Show full text]
  • Windows Powertoys FAQ
    Windows PowerToys FAQ Home > Articles > Here Windows PowerToys FAQ for Windows 95, 98, ME, 2000 & XP Version 9.0, Updated August 5, 2005 Hold mouse here for list of most recent changes. Receive notice whenever this page is updated. What are the Windows PowerToys? Original Windows PowerToys The original Windows PowerToys are extra goodies that simply should have been part of Windows 95 at the beginning. The designers of the Windows 95 shell wrote them for their own use initially, and later were permitted to post them as free, unsupported add-ons (which work very well despite the official “unsupported” stance). For several years, I have thought of them simply as indispensable parts of a standard Windows install. Mostly, these original PowerToys work very well not only in Windows 95, but also in Windows 98, Windows Millennium Edition (ME), and Windows XP. This FAQ explains which ones do and do not work in each of these versions of Windows. Windows XP PowerToys Microsoft has released an entirely new set of PowerToys custom created for Windows XP, including TweakUI 2.0 (which, in this FAQ, I’ll simply call “TweakUI XP”). This is the first new issue of a PowerToys set since Windows 95. With only a couple of exceptions, these tools do not at all duplicate the original Win95 PowerToys. This means that most of the original Win95 PowerToy set is also still very useful and desirable on Win XP in addition to the new XP PowerToys. Where can I get the Windows PowerToys? Original Windows PowerToys Here is the direct Microsoft link to the original PowerToys.
    [Show full text]
  • Scope of Work. Potential Vendor Should Provide Server / System
    PDCC DATABASE and SERVER/SYSTEM Facility Management Services(FMS) Scope Of Work. Potential Vendor should provide Server / System and Database Facility Management Services (FMS) at Banks Data Centre located at Head Office, 4B, B. J. Road, Pune – 411 001 & DR Center located at Baramati branch Office. Potential Vendor should provide Competent Technically skilled, experienced resources (DBA Certification Like Microsoft SQL 2008 R2 etc.. is must) responsible for Server/ System Management & Administration, Database Management & administration and other necessary & trouble shooting activities in order to execute the Banking business across Branches in coordination with Banks IT Department. Potential Vendor Working Hrs will be mandatorily to support in all the Three Shifts at Banks DC & DR offices primarily to make sure Banking Services are available 24*7*365 time Window under the RBI’s and other Compliance Authority working Guideline. However Potential Vendor and Bank can mutually decide the best suitable Shift timeline. The following are the list of services covered under Facility Management Services. Server / System Management and Administration Support - Server / System level Installation & Configuration Services, - Setting up and configuring servers and corresponding application as per configuration Industry best practices and guidelines. - Optimizing the System/ Server Resources to ensure Power Utilization, High availability and Maximize the Uptime of 99.0% during 24*7*365 Time Window. - Installation / re-installation of Windows or any other Operating System / OS utilities acquired by Bank course of FMS period. - Monitoring Operations, OS & Hardware Support - Seamless and smooth monitoring mechanism has to be created so that to keep servers stable, reliable and their operations efficient. Also User Management such as (User registration, User ID Creation, maintaining user profiles, granting user access, authorization, and user password support), H/w device management, Application/File System backup management, and support for print, file and directory services etc.
    [Show full text]