Solved

Logging, password policies and locking account

Posted on 2006-11-16
4
189 Views
Last Modified: 2010-04-18
Hi,

#1
every user in our domain has home folder. When someone is trying to acces others home folder they of course get acces deny error. How could I log those events?

#2
How could I define that passwords should be at least 12 characters, they should be changed every 3 months and using previous passwords is prohibited for at least one year.

#3
When user tries to log on domain three times with wrong password the account is locked.

20 points each.
0
Comment
Question by:hafka
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:inbarasan
ID: 17955542
Dear hafka,
My answers are below

Q1 : You need enable the auditing for Object access Success and Failure. Then you can check the same from eventlog-->security
Q2: You need to do this in Default domain level policy in Account policy section. if you don't want the user to use same pwd for one yr then keep the pwd history as 4
Q3: Keep the bad pwd count to 3 in the account policies

Cheers!
0
 

Author Comment

by:hafka
ID: 17956032
Q1:How would I go step by step?

Q2 and Q3: I found the default domain policy and opened it in GPO-editor, but cant find those settings.

0
 
LVL 14

Accepted Solution

by:
inbarasan earned 100 total points
ID: 17956281
0
 

Author Comment

by:hafka
ID: 17974671
Q2&3 are now solved.

I added points to 100 so could you help me step by step on problem #1?

0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question