zenportafino
asked on
Token expires after how long?
I hate that it becomes so ridiculously hard to find simple information like this. Does anyone know how long a token lasts in a win 2000 Active Directory domain? I'm restricting hours for users but they have learned that if they lock their systems and not log off, they can stay on way beyond the restricted times.
I'm trying to find out if I can adjust the time a token lasts if possible. Does anyone know how long they last by default??
Thanks in advance!
I'm trying to find out if I can adjust the time a token lasts if possible. Does anyone know how long they last by default??
Thanks in advance!
Oh, as a side note you must have the latest service pack installed, the repair is included.
slangtech
slangtech
Further to the prior links, here is another which directs the actual schema setup for user policies inside Active Directory, you'll need to grab some popcorn for this one :)
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/bpguide/part1/adsecp1.mspx#EDAA
Slangtech
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/bpguide/part1/adsecp1.mspx#EDAA
Slangtech
Also see this link, it is directly related to the sID token and offeres explanation of how to manipulate them according to user policy.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/access_tokens.asp
I hope these help
Slangtech
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/access_tokens.asp
I hope these help
Slangtech
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The default settings are in group policy under Kerberos settings under Computer configuration --> Windows Settings --> Security Settings --> Account Policies --> kerberos Policy. You can adjust your kerberos ticket settings there to specify logon time
http://support.microsoft.com/default.aspx?scid=kb;en-us;318714
Also see this link:
http://support.microsoft.com/kb/288180/EN-US/
Slangtech