Friday, June 5, 2009

Security and Local Policy Settings in Windows XP

Security and Local Policy Settings
Part of keeping a user productive is keeping their data and computer safe. You can control the security if you are part of a workgroup. The tools are built into the OS in Windows XP, and must be configured on every computer that is part of a workgroup.
Local security on the desktop is controlled by the local security policies.
START/Control Panel/Administrative Tools/Local Security Policy
This brings up the Local security policy console.

Account Policies
  • Password Policy controls password settings such as minimum and maximum password age, length, and whether the passwords must be complex
  • Account Lockout Policy controls whether the account should be locked out after a preset number of logon attempts
Local Policies
  • Audit Policy determines what you are auditing for a user and the activities are posted to the Event Log
  • User Rights Assignment controls who is allowed to perform actions on a computer such as backing up the computer, changing the time, or shutting down the computer
  • Security Options have to do with what a user can do and what their accounts are limited to doing regarding access to the computer resources
If the user is on a domain some of these options might be grayed out. Computers that are part of a domain are subject to both local and group security policy.
Group policy settings will control and override the local policy settings.

The order of policy checking on the computer is a follows:

· Local policy is applied to the computer.
· Active Directory Site (A geographical unit of an organization) of which a computer is a member.
· Active Directory Domain of which a computer is a member.
· Active Directory Organizational Unit (Used for management purposes) of which a computer is a member.

RSOP, Resultant Set of Policies Tool can be used to determine if group policy is being used on the computer we are looking at. RSOP cannot be used remotely if the user has Windows Firewall, unless certain ports are unblocked.
Go to the command line. Start/Run/CMD/gpresult.
Press enter.
This shows you the big picture. The HELP and SUPPORT Center includes a tool to let a user see the effective Group Policy settings. If you at a remote location, and need the effective Group Policy settings, have the user email them to you after using the tool in HELP and SUPPORT.
START/HELP and SUPPORT/Use Tools To View Your Computer Information and Diagnose Problems/select Tools list from the left pane/select Advanced System Information/in the right pane, select View Group Policy Settings Applied
Scroll to the bottom of the report that is supplied and select Save This Report To an .Html File. Type a Path and name for the file and click OK.

Protecting an Internet Computer
Possible causes of user problems on the Internet could be:

· Internet Explorer. If the user is having trouble with anything in Internet Explorer, you should check the IE settings.
· Firewall
· Proxy. The user might be hitting a proxy server. There might be a proxy filter that filters what the user can access. Proxy servers are very powerful. They can filter who and when the user can have access.
· Antivirus. You should disable it while you are looking at the system.
Configuring Auditing on a Computer

Auditing impairs system performance, so be careful choosing events to audit.

Start/Control Panel/Administrative Tools/Local Security Settings
Go to Local Policies. Go to Audit Policy.
· Audit account logon events
· Audit account management
· Audit directory service access
· Audit logon events
· Audit object access
· Audit policy change
· Audit privilege use
· Audit process tracking
· Audit system events
Example: Click on audit object access. Right click. Check Success and Failure to audit object access.
Let’s say you go into to local drive, into Templates, and you want to audit access to this template folder. Right click the Template folder/Properties/Security/Advanced/Auditing. Add in who you want to audit. Most of the time, you want to audit everyone. So you type in everyone. Then you can even decide what you want to audit, read, create files, delete, etc.
You can see this info in the log files.
Troubleshooting System Performance
There are a few things that must be working for an OS to function properly.
· Processor
· RAM/Memory. The more physical memory the better.
· Disk subsystem. Includes hard disks as well as the controllers. On client computers, it probably includes the motherboard. The disk subsystem controls how fast we get data off of the hard disks.
· Network Subsystem. Network interface cards, type of communication, i.e., wireless, cable.
Tools we can use to free up some of the above:
· Disk Defragmenter. Rearranges files on your disk so they are written to the disk contiguously.
· Check Disk. Scan the files and directory structure to make sure it is free of errors.
· Disk Cleanup. Scans your hard drive looking for files that can be safely removed.

No comments:

Post a Comment

"Comment As:" anonymous if you would rather not sign into an account!