Solved

How to apply a centralised security policy in a unix-windows envronment?

Posted on 2003-12-03
3
267 Views
Last Modified: 2013-12-04
hello Sir,

i would be grateful if you could advise me on the strategy to implement the following:

Current Site Definition(Scenario):
-----------------------
Compaq server with Unix installed. There are 28 PCs with Win 95 and 6 PCs with Win 98 on a LAN. Furthemore, there are 12 PCs with Win 95 and 9 PCs with Win 98 on a WAN which connects to the main server via a router (The company considers the router as their Remote Access Server).

i want to implement a solution, preferably a centralised security policy, which will allow the administrator to prevent users from manipulating the config. of the workstations on the WAN and LAN.

Awaiting a positive reply from you.
Thanks & Regards
VASHINEE19
software engineer
0
Comment
Question by:VASHINEE19
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
KingHollis earned 125 total points
ID: 9892550
With the absence of a domain controller you will have to implement system policies locally.

System policies are normally located at domain controllers however local system policies can be implemented as follows. First you will need the Windows 9x poledit.exe tool which is located in the

+ Admin\Apptools\Poledit folder on the Windows 95 CD
+ Tools\Reskit\Netadmin\Poledit folder on the Windows 98 CD

You should use the Add/Remove Programs tool in Control Panel to install System Policy Editor.

Once you have the utility you should proceed as follows:

1. Click the Start button, and then click Run.
2. In the Open box, type "poledit" (without quotation marks), and then click OK.
3. In System Policy Editor, click Open Registry on the File menu.
4. Double-click the Local Computer icon, then the Network icon, and then double-click the Update icon.
5. Click the Remote Update check box, and then click Manual in the Update Mode box. In the Path box, type the path and file name for your system policy file. You can place this file in any folder on the hard disk. Click OK. This file MUST have a .pol extension or you will receive a failuer in step 8.
6. On the File menu, click Save. On the File menu, click New File.
7. Select the system policy settings you want to use.
8. On the File menu, click Save As. Save the file with the name and path you used in step 5.
9. Quit System Policy Editor, and then restart Windows.

It would be pertinent to remove Poledit after you've set the policy to avoid users changing it. You can even run poledit directly from the CD normally.

This might be a bit of a bear for 45+ machines, but I believe you can create one policy per OS and then import the .pol configurations.

Best of luck.
0
 

Author Comment

by:VASHINEE19
ID: 9894617
hello Sir
i agree with the system policy editor. i even tried it. and i know that it should work. but  i use to gett the following error "An error occurred writing the registry. The file cannot be saved."

why such error?

---------------------------------
the second thing is that, if tomorrow i want to enlarge my system, then applying system policy editor on each client would be a time consuming. that's why a centralised policy would have been a better option.

what do you suggest?

thanking you
kind regards
VASHINEE19
0
 
LVL 10

Expert Comment

by:KingHollis
ID: 9895035
I think this link is very informative in addressing the centralization you are looking for as well as some other information. You don't appear to have a domain, so automatic downloads of the config.pol to the clients is out. But you can have something similar with maual download using Remote Update and centrally locating one config.pol file on a network share. Then whenever changes are necessary, you should only have to run Policy Editor on one sample machine and post its config.pol in the network share.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/win98/reskit/part2/wrkc08.asp

Best of luck!
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Where to see El Capitan's EULA and Privacy Statements once OS installed 5 66
What to look for in Fraud Protection Solutions  PoC 1 95
Soundcloud.com 4 113
Password reset 1 54
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question