Solved

How to apply a centralised security policy in a unix-windows envronment?

Posted on 2003-12-03
3
263 Views
Last Modified: 2013-12-04
hello Sir,

i would be grateful if you could advise me on the strategy to implement the following:

Current Site Definition(Scenario):
-----------------------
Compaq server with Unix installed. There are 28 PCs with Win 95 and 6 PCs with Win 98 on a LAN. Furthemore, there are 12 PCs with Win 95 and 9 PCs with Win 98 on a WAN which connects to the main server via a router (The company considers the router as their Remote Access Server).

i want to implement a solution, preferably a centralised security policy, which will allow the administrator to prevent users from manipulating the config. of the workstations on the WAN and LAN.

Awaiting a positive reply from you.
Thanks & Regards
VASHINEE19
software engineer
0
Comment
Question by:VASHINEE19
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
KingHollis earned 125 total points
Comment Utility
With the absence of a domain controller you will have to implement system policies locally.

System policies are normally located at domain controllers however local system policies can be implemented as follows. First you will need the Windows 9x poledit.exe tool which is located in the

+ Admin\Apptools\Poledit folder on the Windows 95 CD
+ Tools\Reskit\Netadmin\Poledit folder on the Windows 98 CD

You should use the Add/Remove Programs tool in Control Panel to install System Policy Editor.

Once you have the utility you should proceed as follows:

1. Click the Start button, and then click Run.
2. In the Open box, type "poledit" (without quotation marks), and then click OK.
3. In System Policy Editor, click Open Registry on the File menu.
4. Double-click the Local Computer icon, then the Network icon, and then double-click the Update icon.
5. Click the Remote Update check box, and then click Manual in the Update Mode box. In the Path box, type the path and file name for your system policy file. You can place this file in any folder on the hard disk. Click OK. This file MUST have a .pol extension or you will receive a failuer in step 8.
6. On the File menu, click Save. On the File menu, click New File.
7. Select the system policy settings you want to use.
8. On the File menu, click Save As. Save the file with the name and path you used in step 5.
9. Quit System Policy Editor, and then restart Windows.

It would be pertinent to remove Poledit after you've set the policy to avoid users changing it. You can even run poledit directly from the CD normally.

This might be a bit of a bear for 45+ machines, but I believe you can create one policy per OS and then import the .pol configurations.

Best of luck.
0
 

Author Comment

by:VASHINEE19
Comment Utility
hello Sir
i agree with the system policy editor. i even tried it. and i know that it should work. but  i use to gett the following error "An error occurred writing the registry. The file cannot be saved."

why such error?

---------------------------------
the second thing is that, if tomorrow i want to enlarge my system, then applying system policy editor on each client would be a time consuming. that's why a centralised policy would have been a better option.

what do you suggest?

thanking you
kind regards
VASHINEE19
0
 
LVL 10

Expert Comment

by:KingHollis
Comment Utility
I think this link is very informative in addressing the centralization you are looking for as well as some other information. You don't appear to have a domain, so automatic downloads of the config.pol to the clients is out. But you can have something similar with maual download using Remote Update and centrally locating one config.pol file on a network share. Then whenever changes are necessary, you should only have to run Policy Editor on one sample machine and post its config.pol in the network share.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/win98/reskit/part2/wrkc08.asp

Best of luck!
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Join & Write a Comment

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now