ServerTec
asked on
Are passwords encrypted in transit
For audit purposes, I need to report that policy has set "Passwords Encrypted in Transit" on over 5000 Windows servers. Operating systems range from Windows 2003 through 2012. I have been unable to find a registy setting that corresponds to this policy setting. Any ideas?
They are encrypted using Kerberos encryption if I remember correctly
ASKER
I don't need to know how it's done, I need to know how to report that it's been done.
It is a function of the operating system (kerberos)
It's in as default IIRC
See if the Kerberos status show up in the HTML file generated by the command
If so, a FOR/DO batch should be possible that uses a list of all the servers as the input.
gpresult /F /H GPreport.htm
That file should be made in your user folder if that's run from the standard CMD window. If so, a FOR/DO batch should be possible that uses a list of all the servers as the input.
ASKER
ERROR: Invalid argument/option - '/F'
The /H argument also appears to be invalid. Is the intention to write the results of gpresult to a file?
The /H argument also appears to be invalid. Is the intention to write the results of gpresult to a file?
Interesting... do ANY of the parameters listed in
http://technet.microsoft.com/en-us/library/cc733160.aspx
work for you?
http://technet.microsoft.com/en-us/library/cc733160.aspx
work for you?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It turns out that the auditors really wanted to know the setting of "passwords are stored useing reversible encryption" in policy. Thanks to all for their efforts in addressing my question.