Announcement

Collapse
No announcement yet.

Domain controller security

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Domain controller security

    Apply sec policy to domain controller via, domain controller sec policy snap in or domain sec policy...in either way no policy is applied to dc...i have to use mmc and group policy to apply any policy to dc.
    ________
    PRILOSEC HELP
    Last edited by flight1; 17th September 2011, 01:24.

  • #2
    Re: Domain controller security

    Errrr a bit more info is required.
    Also the only thing you saying right now is that some policy doesn't appy on a DC.

    What policy?
    What OS?
    What have you done to make it work?
    Have you checked the logs.
    Etcetcetc.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Domain controller security

      W2K3 serv ........simple like password policy..to apply it i have to use mmc and then group policy instead of domain controller sec snap in in admin tools....
      ________
      Medical Marijuana Card
      Last edited by flight1; 17th September 2011, 01:23.

      Comment


      • #4
        Re: Domain controller security

        If i understand you correctly you want to implement a domain wide password policy. Is this the case???

        Comment


        • #5
          Re: Domain controller security

          I presume that you are using GPEDIT.msc (group policy editor), by which you are setting a local policy.

          If you want to apply a policy on the domain level (Site, Domain, OU), you'l need to use Group Policy management Console. If GPMC is not installed, use DSA.MSC (AD User and computers) to set the setting at the correct level.

          Password policies are domain wide policies and can (In windows Server 2003) therefore only be applied on the domain level.
          [Powershell]
          Start-DayDream
          Set-Location Malibu Beach
          Get-Drink
          Lay-Back
          Start-Sleep
          ....
          Wake-Up!
          Resume-Service
          Write-Warning
          [/Powershell]

          BLOG: Therealshrimp.blogspot.com

          Comment


          • #6
            Re: Domain controller security

            Hi,

            What is the actual need?

            Do you want to apply a policy to a domain Controller or to computers in the domain?

            I request you to install GPMC which will help you to narrow down the issue, becaz you can check the reports and settings that are applied.

            Check your event viewer for errors.

            As killerbe has pointed out do not use gpedit.msc to set a policy becaz that is Local policy which is used to check the database setting of the policies applied.

            Thanks
            VPS

            Comment


            • #7
              Re: Domain controller security

              prob is i am unable to apply anywhere at dc or domain....i want to apply to DC. e.g i want to change logon message if i set this through domain controller policy snapin it does not apply after logoff, similary if i use group policy snap in then all policies there are inactive..cant be modified...i am not using GPMC.
              ________
              White Widow Seeds
              Last edited by flight1; 17th September 2011, 01:23.

              Comment


              • #8
                Re: Domain controller security

                Originally posted by flight1 View Post
                prob is i am unable to apply anywhere at dc or domain....i want to apply to DC. e.g i want to change logon message if i set this through domain controller policy snapin it does not apply after logoff, similary if i use group policy snap in then all policies there are inactive..cant be modified...i am not using GPMC.
                What do you mean at DC or domain???

                You can't apply a password policy to a DC only to a domain.

                I highly recommend installing GPMC makes managing your GPO's much easier.

                Comment

                Working...
                X