Sign in with
Sign up | Sign in
Your question

Hardening Member Servers

Tags:
  • Security
  • Microsoft
  • Servers
  • Windows
Last response: in Windows 2000/NT
Share
May 25, 2005 1:13:02 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Hello,

I want to prevent unauthorized access to the member servers on our domain. I
know windows 2k has some built in security templates but is there a good site
or something for this info or better templates? I want to make sure only
authorized users can logon locally etc. Any help is greatly appreciated.

Thanks

--
Rob
IT guy!

More about : hardening member servers

Anonymous
a b 8 Security
May 26, 2005 10:08:31 PM

Archived from groups: microsoft.public.win2000.security (More info?)

You could put those servers into an OU with it's own GPO and then configure
the user right for logon locally to contain only the groups/users that you
want to be able to logon to locally. Be very careful with security templates
and test them out thoroughly first on a test network or at least test OU as
too extreme security settings can break access that you want to have. Also
ipsec can be used to control access to your servers requiring that the
computer trying to access needs to authenticate with it via kerberos and be
compatible with it's ipsec policy. Ipsec policies need to be thoroughly
tested before implementing and domain controllers must be exempt from ipsec
ESP/AH traffic with domain members. --- Steve


"Rob" <Rob@discussions.microsoft.com> wrote in message
news:B23DB4AF-C391-4651-9482-82091B1B29DA@microsoft.com...
> Hello,
>
> I want to prevent unauthorized access to the member servers on our domain.
> I
> know windows 2k has some built in security templates but is there a good
> site
> or something for this info or better templates? I want to make sure only
> authorized users can logon locally etc. Any help is greatly appreciated.
>
> Thanks
>
> --
> Rob
> IT guy!
Anonymous
a b 8 Security
May 27, 2005 1:46:59 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Try this site

http://www.nsa.gov/snac/


"Rob" <Rob@discussions.microsoft.com> wrote in message
news:B23DB4AF-C391-4651-9482-82091B1B29DA@microsoft.com...
> Hello,
>
> I want to prevent unauthorized access to the member servers on our domain.
> I
> know windows 2k has some built in security templates but is there a good
> site
> or something for this info or better templates? I want to make sure only
> authorized users can logon locally etc. Any help is greatly appreciated.
>
> Thanks
>
> --
> Rob
> IT guy!
Anonymous
a b 8 Security
May 27, 2005 2:21:05 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Agreed, also

www.microsoft.com/technet/security and
http://securityadmin.info/faq.asp#harden



"Andrew Sword [MVP]" <exchange.mvp@nos.optushome.com.au> wrote in message
news:o S49hieYFHA.3184@TK2MSFTNGP15.phx.gbl...
> Try this site
>
> http://www.nsa.gov/snac/
>
>
> "Rob" <Rob@discussions.microsoft.com> wrote in message
> news:B23DB4AF-C391-4651-9482-82091B1B29DA@microsoft.com...
> > Hello,
> >
> > I want to prevent unauthorized access to the member servers on our
domain.
> > I
> > know windows 2k has some built in security templates but is there a good
> > site
> > or something for this info or better templates? I want to make sure only
> > authorized users can logon locally etc. Any help is greatly appreciated.
> >
> > Thanks
> >
> > --
> > Rob
> > IT guy!
>
>
!