Link to home
Create AccountLog in
Avatar of murkytuna
murkytunaFlag for United States of America

asked on

GPO to edit registry

Hi.  Please let me know how to create a GPO on Windows server 2008 to edit the registry to get rid of the following vulnerability that was found by an Altiris vulnerability scan:

Microsoft Windows SMB Registry : Winlogon Cached Password Weakness

 Synopsis :

 User credentials are stored in memory.

 Description :

 The registry key HKLM\Software\Microsoft\Windows
 NT\CurrentVersion\Winlogon\CachedLogonsCount is non-null. It means
 that the remote host locally caches the passwords of the users when
 they log in, in order to continue to allow the users to log in in the
 case of the failure of the PDC.

 Solution :

 use regedt32 and set the value of this key to 0

http://www.tenable.com/plugins/index.php?view=single&id=11457
ASKER CERTIFIED SOLUTION
Avatar of Scott Silva
Scott Silva
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of Ganesamoorthy S
Ganesamoorthy S

Avatar of murkytuna

ASKER

Thanks.  That did it.