GPO to edit registry
Hi. Please let me know how to create a GPO on Windows server 2008 to edit the registry to get rid of the following vulnerability that was found by an Altiris vulnerability scan:
Microsoft Windows SMB Registry : Winlogon Cached Password Weakness
Synopsis :
User credentials are stored in memory.
Description :
The registry key HKLM\Software\Microsoft\Wi
NT\CurrentVersion\Winlogon
that the remote host locally caches the passwords of the users when
they log in, in order to continue to allow the users to log in in the
case of the failure of the PDC.
Solution :
use regedt32 and set the value of this key to 0
http://www.tenable.com/plugins/index.php?view=single&id=11457
Microsoft Windows SMB Registry : Winlogon Cached Password Weakness
Synopsis :
User credentials are stored in memory.
Description :
The registry key HKLM\Software\Microsoft\Wi
NT\CurrentVersion\Winlogon
that the remote host locally caches the passwords of the users when
they log in, in order to continue to allow the users to log in in the
case of the failure of the PDC.
Solution :
use regedt32 and set the value of this key to 0
http://www.tenable.com/plugins/index.php?view=single&id=11457
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks. That did it.
Windows Server 2008
Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.
86K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
khttp://www.windowstricks.i