RE: Active Directory

Email lists > Microsoft Software Security newsletter

Thread: RE: Active Directory

Search this list only Search all lists
RE: Active Directory
	2007-08-30 17:45:45
Ensure login is allow only the AD group "Authenticated users" -----Original Message----- From: listbouncesecurityfocus.com [mailto:listbouncesecurityfocus.com] On Behalf Of Devin Rambo Sent: Friday, 31 August 2007 12:20 AM To: focus-mssecurityfocus.com Subject: RE: Active Directory Without having more detail, I would say that you could use a combination of user permissions and user-level group policy. It's hard to say more than that without knowing exactly what it is that you want to restrict them from doing. As a rule, you should look to grant permissions/policies that give them the bare minimum they need to perform their job functions. Devin -----Original Message----- From: listbouncesecurityfocus.com [mailto:listbouncesecurityfocus.com] On Behalf Of wjbox1-guardyahoo.com Sent: Thursday, August 30, 2007 2:19 AM To: focus-mssecurityfocus.com Subject: Active Directory What is the easiest way to lock an lower level administrator from using the PC via Active Directory? When disabling a computer what else can be done with out having to block the IP address or MAC to make sure the PC does not get on the network and or changed the computer name? ********************************************************** ******************************************************** ************************************** "This email (including all attachments) is confidential, may contain personal or legally privileged information and is intended solely for the named addressee. Confidentiality or privilege is not waived or lost because this email has been sent to you by mistake. If you have received it in error, please let us know by reply email, delete it from your system and destroy any copies. This email is also subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. Any personal information in this email must be handled in accordance with the Privacy Act 1988 (Cth). Emails may be interfered with, may contain computer viruses or other defects and may not be successfully replicated on other systems. Pillar Administration makes no representations and gives no warranties in relation to these matters and does not accept liability for any loss or damage which may result from this email. If you have any doubts about the authenticity of an email purportedly sent by Pillar Administration, please contact us immediately. " ******************************************************** ******************************************************** ****************************************

[1]

about | contact Other archives ( Real Estate discussion Medical topics )

Mailing lists