Understanding Group Policy James Michael Stewart CISSP TICSA

  • Slides: 19
Download presentation
Understanding Group Policy James Michael Stewart CISSP, TICSA, CIW SA, CCNA, MCSE NT &

Understanding Group Policy James Michael Stewart CISSP, TICSA, CIW SA, CCNA, MCSE NT & W 2 K, i. Net+ michael@itinfopros. com

What is Group Policy? ®A centralized collection of operational and security controls ® Available

What is Group Policy? ®A centralized collection of operational and security controls ® Available in Active Directory domains ® Contains items previously found in system policies and through editing the Registry (i. e. Windows NT) Submit a question anytime by clicking on the Ask a Question link in the bottom left corner of your presentation screen.

Elements of Group Policy ® general security controls ® audit ® user rights ®

Elements of Group Policy ® general security controls ® audit ® user rights ® passwords ® accounts lockout ® Kerberos ® Public key policies ® IPSec policies

Divisions of Group Policy ® Computer Configuration ® User Configuration Submit a question anytime

Divisions of Group Policy ® Computer Configuration ® User Configuration Submit a question anytime by clicking on the Ask a Question link in the bottom left corner of your presentation screen.

Application of Group Policy ® Group Policy Objects – GPOs ® Can be applied

Application of Group Policy ® Group Policy Objects – GPOs ® Can be applied to any AD container ® Application order: LSDOU ® Local, ® Last Site, Domain, Organizational Unit GPO applied takes precedent Submit a question anytime by clicking on the Ask a Question link in the bottom left corner of your presentation screen.

Group Policy Editors ® MMC snap-in: Group Policy ® Active Directory Domains and Trusts

Group Policy Editors ® MMC snap-in: Group Policy ® Active Directory Domains and Trusts ® Active Directory Sites and Services Submit a question anytime by clicking on the Ask a Question link in the bottom left corner of your presentation screen.

GPO Application ® Inheritance by default ® No Override – prevents other GPOs from

GPO Application ® Inheritance by default ® No Override – prevents other GPOs from changing settings in this GPO ® Disabled – this GPO is not applied to this container ® Multiple GPOs on same container – application order ® Disable Computer Configuration or User Configuration ® Set Allow/Deny for Apply Group Policy to control user/group application

GPO Limitations ® If a single user is a member of 70 to 80

GPO Limitations ® If a single user is a member of 70 to 80 groups, the respective GPOs may not be applied ® Problem caused by Kerberos token size – 70 to 80 groups fills the token and causes an error ® Result is no GPOs are applied

GPO Uses ® Local GPO ® Windows 2000, XP, . NET Submit a question

GPO Uses ® Local GPO ® Windows 2000, XP, . NET Submit a question anytime by clicking on the Ask a Question link in the bottom left corner of your presentation screen.

Security Configuration and Analysis ® MMC snap-ins: ® Security Configuration and Analysis ® Security

Security Configuration and Analysis ® MMC snap-ins: ® Security Configuration and Analysis ® Security Templates ® Used to customize Group Policies a. k. a. security templates. ® Several pre-defined security templates for client, server, and DC systems of basic, compatible, secure, and high security. ® Analyze current security state

GPO: Password Policy ® Min & max password age (0 -999) ® Min password

GPO: Password Policy ® Min & max password age (0 -999) ® Min password length (0 -14) ® History (1 - 24 entries) ® Passwords must meet complexity requirements ® Store passwords using reversible encryption for all users in the domain

GPO: Accounts Policy ® Lockout duration (0 – 99999 minutes) ® Failed logon attempts

GPO: Accounts Policy ® Lockout duration (0 – 99999 minutes) ® Failed logon attempts ® Counter reset after time limit Submit a question anytime by clicking on the Ask a Question link in the bottom left corner of your presentation screen.

GPO: Audit Policy ® ® ® Account logon events Directory service access Logon events

GPO: Audit Policy ® ® ® Account logon events Directory service access Logon events Policy change Process tracking Account management Object access Privilege use System events Object level controls accessed through Advanced Security Properties ® Audit policy must be enabled in order for audited events to be recorded in the Security log ®

GPO: User Rights ® To increase security settings, make the following changes: Log on

GPO: User Rights ® To increase security settings, make the following changes: Log on locally: assigned only to Administrators on Servers ® Shutdown the System: assigned only to Administrators, Power Users ® Access computer from network: assigned to Users, revoke for Administrators and Everyone ® Restore files/directories: revoke for Backup Operators ® Bypass traverse checking: assigned to Authenticated Users, revoke for Everyone ®

GPO: Security Options ® Numerous security related controls ® Previous found only as Registry

GPO: Security Options ® Numerous security related controls ® Previous found only as Registry edits Submit a question anytime by clicking on the Ask a Question link in the bottom left corner of your presentation screen.

GPO: misc ® Scripts ® Public Key – EFS ® IPSec ® Software ®

GPO: misc ® Scripts ® Public Key – EFS ® IPSec ® Software ® Administrative ® Templates for Registry alteration

Using GPOs ® Group similar users ® Place similar users/groups in separate containers (i.

Using GPOs ® Group similar users ® Place similar users/groups in separate containers (i. e. OUs) ® Define universal GPOs at domain level ® Define specific GPOs as far down the organizational tree as possible ® Avoid changing default inheritance mechanism

Questions? Click on the Ask a Question link in the lower left corner of

Questions? Click on the Ask a Question link in the lower left corner of your screen to ask James Michael Stewart a question.

Thank you for your participation! Did you like this Webcast? Send us your feedback

Thank you for your participation! Did you like this Webcast? Send us your feedback on this event and ideas for other event topics at editor@searchwin 2000. com.

CISSP Overview CISSP Overview 1 Introduction 2 CISSPCISSP Overview CISSP Overview 1 Introduction 2 CISSP
CISSP Thomas Moore CISSP Thomas Moore Ph DCISSP Thomas Moore CISSP Thomas Moore Ph D
Stewart Leith ESR 14 Universitt Siegen stewart leithunisiegenStewart Leith ESR 14 Universitt Siegen stewart leithunisiegen
Security Incident Database By L Michael Johnson CISSPSecurity Incident Database By L Michael Johnson CISSP
Pfizers SAFE Use Case Michael Lavoie CISSP PMPPfizers SAFE Use Case Michael Lavoie CISSP PMP
Demystifying RFID Technology Michael Vieau CISSP CEH KevinDemystifying RFID Technology Michael Vieau CISSP CEH Kevin
The Cyber Security Challenges Michael Trofi CISSP CISMThe Cyber Security Challenges Michael Trofi CISSP CISM
Security Incident Database By L Michael Johnson CISSPSecurity Incident Database By L Michael Johnson CISSP
The Cyber Security Challenges Michael Trofi CISSP CISMThe Cyber Security Challenges Michael Trofi CISSP CISM
Understanding Children Understanding Children Understanding Children Name UnderstandingUnderstanding Children Understanding Children Understanding Children Name Understanding
Captain James cook James Cook James Cook wasCaptain James cook James Cook James Cook was
James 1 James 1 1 James a bondservantJames 1 James 1 1 James a bondservant
Jesse James The James Gang Jesse Woodson JamesJesse James The James Gang Jesse Woodson James
James on Immortality 1 William James Pragmatism JamesJames on Immortality 1 William James Pragmatism James
James Dashner By Tiernan Baity James Dashner JamesJames Dashner By Tiernan Baity James Dashner James
James Joyce Ulysses James Joyce James Joyce UlyssesJames Joyce Ulysses James Joyce James Joyce Ulysses
JAMES P ALLISON JAMES ALLISON KIMDIR James PJAMES P ALLISON JAMES ALLISON KIMDIR James P
Victory In Christ James 4 James James GodsVictory In Christ James 4 James James Gods