We help IT Professionals succeed at work.
Get Started

GPO to edit registry

Last Modified: 2016-03-23
Hi.  Please let me know how to create a GPO on Windows server 2008 to edit the registry to get rid of the following vulnerability that was found by an Altiris vulnerability scan:

Microsoft Windows SMB Registry : Winlogon Cached Password Weakness

 Synopsis :

 User credentials are stored in memory.

 Description :

 The registry key HKLM\Software\Microsoft\Windows
 NT\CurrentVersion\Winlogon\CachedLogonsCount is non-null. It means
 that the remote host locally caches the passwords of the users when
 they log in, in order to continue to allow the users to log in in the
 case of the failure of the PDC.

 Solution :

 use regedt32 and set the value of this key to 0

Watch Question
Network Administrator
This problem has been solved!
Unlock 1 Answer and 3 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE