[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How to apply a centralised security policy in a unix-windows envronment?

Posted on 2003-12-03
3
Medium Priority
?
271 Views
Last Modified: 2013-12-04
hello Sir,

i would be grateful if you could advise me on the strategy to implement the following:

Current Site Definition(Scenario):
-----------------------
Compaq server with Unix installed. There are 28 PCs with Win 95 and 6 PCs with Win 98 on a LAN. Furthemore, there are 12 PCs with Win 95 and 9 PCs with Win 98 on a WAN which connects to the main server via a router (The company considers the router as their Remote Access Server).

i want to implement a solution, preferably a centralised security policy, which will allow the administrator to prevent users from manipulating the config. of the workstations on the WAN and LAN.

Awaiting a positive reply from you.
Thanks & Regards
VASHINEE19
software engineer
0
Comment
Question by:VASHINEE19
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
KingHollis earned 375 total points
ID: 9892550
With the absence of a domain controller you will have to implement system policies locally.

System policies are normally located at domain controllers however local system policies can be implemented as follows. First you will need the Windows 9x poledit.exe tool which is located in the

+ Admin\Apptools\Poledit folder on the Windows 95 CD
+ Tools\Reskit\Netadmin\Poledit folder on the Windows 98 CD

You should use the Add/Remove Programs tool in Control Panel to install System Policy Editor.

Once you have the utility you should proceed as follows:

1. Click the Start button, and then click Run.
2. In the Open box, type "poledit" (without quotation marks), and then click OK.
3. In System Policy Editor, click Open Registry on the File menu.
4. Double-click the Local Computer icon, then the Network icon, and then double-click the Update icon.
5. Click the Remote Update check box, and then click Manual in the Update Mode box. In the Path box, type the path and file name for your system policy file. You can place this file in any folder on the hard disk. Click OK. This file MUST have a .pol extension or you will receive a failuer in step 8.
6. On the File menu, click Save. On the File menu, click New File.
7. Select the system policy settings you want to use.
8. On the File menu, click Save As. Save the file with the name and path you used in step 5.
9. Quit System Policy Editor, and then restart Windows.

It would be pertinent to remove Poledit after you've set the policy to avoid users changing it. You can even run poledit directly from the CD normally.

This might be a bit of a bear for 45+ machines, but I believe you can create one policy per OS and then import the .pol configurations.

Best of luck.
0
 

Author Comment

by:VASHINEE19
ID: 9894617
hello Sir
i agree with the system policy editor. i even tried it. and i know that it should work. but  i use to gett the following error "An error occurred writing the registry. The file cannot be saved."

why such error?

---------------------------------
the second thing is that, if tomorrow i want to enlarge my system, then applying system policy editor on each client would be a time consuming. that's why a centralised policy would have been a better option.

what do you suggest?

thanking you
kind regards
VASHINEE19
0
 
LVL 10

Expert Comment

by:KingHollis
ID: 9895035
I think this link is very informative in addressing the centralization you are looking for as well as some other information. You don't appear to have a domain, so automatic downloads of the config.pol to the clients is out. But you can have something similar with maual download using Remote Update and centrally locating one config.pol file on a network share. Then whenever changes are necessary, you should only have to run Policy Editor on one sample machine and post its config.pol in the network share.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/win98/reskit/part2/wrkc08.asp

Best of luck!
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question