Solved

Are passwords encrypted in transit

Posted on 2014-01-17
9
689 Views
Last Modified: 2014-03-05
For audit purposes, I need to report that policy has set "Passwords Encrypted in Transit" on over 5000 Windows servers. Operating systems range from Windows 2003 through 2012. I have been unable to find a registy setting that corresponds to this policy setting. Any ideas?
0
Comment
Question by:ServerTec
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 6

Expert Comment

by:alexgreen312
ID: 39788934
They are encrypted using Kerberos encryption if I remember correctly
0
 

Author Comment

by:ServerTec
ID: 39789231
I don't need to know how it's done, I need to know how to report that it's been done.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 39789823
It is a function of the operating system (kerberos)
0
 
LVL 6

Expert Comment

by:alexgreen312
ID: 39790172
It's in as default IIRC
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 
LVL 44

Expert Comment

by:Darr247
ID: 39792379
See if the Kerberos status show up in the HTML file generated by the command
gpresult /F /H GPreport.htm

Open in new window

That file should be made in your user folder if that's run from the standard CMD window.

If so, a FOR/DO batch should be possible that uses a list of all the servers as the input.
0
 

Author Comment

by:ServerTec
ID: 39801004
ERROR: Invalid argument/option - '/F'

The /H argument also appears to be invalid. Is the intention to write the results of gpresult to a file?
0
 
LVL 44

Expert Comment

by:Darr247
ID: 39801740
Interesting... do ANY of the parameters listed in
http://technet.microsoft.com/en-us/library/cc733160.aspx
work for you?
0
 

Accepted Solution

by:
ServerTec earned 0 total points
ID: 39895425
It turns out that the auditors really wanted to know the setting of "passwords are stored useing reversible encryption" in policy. Thanks to all for their efforts in addressing my question.
0
 

Author Closing Comment

by:ServerTec
ID: 39905878
It turns out that the auditors really wanted to know the setting of "passwords are stored useing reversible encryption" in policy. Thanks to all for their efforts in addressing my question.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now