Domain controller setup help
From: Scott Ehrlich (se_at_panix.com)
Date: 07/03/03
- Previous message: James Owens: "account lockout: attempts during the lockout"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 2 Jul 2003 20:01:36 -0400
Authentication question:
As I prepare to set up a Windows Server 2003 domain controller, it is
likely we will have separate ldap and kerberos servers. Can the domain
controller support this? If so, how?
Also, would this type of setup permit transparent authentication from a
Windows box to a network storage device on the UNIX side? At present, we
need to enable unencrypted passwords to third-party SMB hosts, then the
user needs to log into their Windows box, and then again when mapping to
the network storage. A single logon is the goal.
Security question:
For Win NT-based machines, particularly Win2K and XP, I disable SSDP,
ICF/ICS, Remote Registry, and any web services.
For the 2003 server, what security settings should I be aware of, both
from a services viewpoint as well as permissions (both console and
remote/network) from/for user accounts and any other area I should be
aware of.
There may be documentation on it, but what have people done in practice?
If they are the same, that is fine, but I do want to make sure this gets
done right the first time as much as possible.
Thanks so much in advance.
Scott
- Previous message: James Owens: "account lockout: attempts during the lockout"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
