Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Windows 2000 Richard Goldman © December 4, 2001.

Published byBryan Morgan Modified over 8 years ago

Similar presentations

Presentation on theme: "Security Windows 2000 Richard Goldman © December 4, 2001."— Presentation transcript:

1

2 Security Windows 2000 Richard Goldman © December 4, 2001

3 Local or Domain Logon Before a user can access any resource the user must successfully logon to either the local computer or to a domain. To logon locally, the user must have a user account set up on the specific computer that is to be accessed. –Windows 2000 Professional uses the registry and internal security systems to authenticate a local logon. To logon to the domain, the user must have a user account set on the domain that is to be accessed. –Windows 2000 servers uses Active Directory to authenticate a domain logon.

4 Logon To logon locally, the user must enter: 1.Identification (I.D. or User Name) 2.Authentication (Password) – Case Sensitive To logon to the domain, the user must enter: 1.Identification (I.D. or User Name) 2.Authentication (Password) – Case Sensitive 3.Domain Name

5 Access Token When the logon is successfully completed, an Access Token is created that identifies: –The user (user’s SID) –The groups that the user belongs to (group SIDs) –The user’s rights and privileges The access token is attached to all process run by the user and accompanies all requests for access to computer or network resources.

6 Access Control List (ACL) All computer and network objects have an ACL. The ACL defines: –Who has access to the resource. –What type of access is provided for each user.

7 Accessing an Object When a user (or process) requests access to a resource – the request is accompanied by the user’s Access Token. The Access Token and the type of request is compared with the ACL. If the Access Token and the type of request is allowed then the request is granted.

8 MyDocument.DOC Read request for access to MyDocument.DOC by a user in the student group. ACL Staff Group Y Read Y Write N Delete Student Group: Y Read N Write N Delete Read Request Access Token User: John Smith Groups: Student Request: Read Match X

9 MyDocument.DOC Read request for access to MyDocument.DOC by a user in the student group. ACL Staff Group Y Read Y Write N Delete Student Group: Y Read N Write N Delete Read Request Access Token User: John Smith Groups: Student Request: Read Read Access Granted

10 Customizing Windows 2000 Professional Logon Select: –Control Panel –Administrative Tools –Local Security Policy

11 Customizing Windows 2000 Professional Logon

12

13 To Disable the display of the last username: –From Within Local Security Policy 1.Expand Local Security Settings 2.Expand Local Policies 3.Select Security Options 4.Double-click Do not display last user name in logon screen 5.Set the value to Enable.

14 Customizing Windows 2000 Professional Logon Disabling the display of the last username

15

16 Customizing Windows 2000 Professional Logon Adding a Security Message The two elements of the Security Warning Message are: –Legal Notice Caption – 30 characters on the title bar of the Security Warning Message window. –Legal Notice Text – up to 65K of text to go inside the Security Warning Message window.

17 Customizing Windows 2000 Professional Logon To use the Local Computer Policy you must add the Group Policy (not “Global Policy”) snap-in to an MMC. –Click the Start button –Select Run –Enter MMC –Select Add/Remove Snap-in –Click on Add button –Select Group Policy –Click on the Add button –Click on the Finish button –The “Local Computer Policy” is then added to the MMC. –Click on the Close button –Click on the OK button –Save the MMC as Local Computer Policy –The MMC called Local Computer Policy will now appear in the Administrative Tools group.

18 Customizing Windows 2000 Professional Logon Adding a Security Message

19

Download ppt "Security Windows 2000 Richard Goldman © December 4, 2001."

Similar presentations

Chapter 7 – Managing Windows XP. Control Panel The main tool for configuring your system. Most of the tools to configure the system come with the normal.

Chapter 7 – Managing Windows XP. Control Panel The main tool for configuring your system. Most of the tools to configure the system come with the normal.
Managing User, Computer and Group Accounts

Managing User, Computer and Group Accounts
Tutorial EBSCOadmin User Groups support.ebsco.com.

Tutorial EBSCOadmin User Groups support.ebsco.com.
Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.

Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 4: Troubleshoot System Startup and User Logon Problems.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 4: Troubleshoot System Startup and User Logon Problems.
Chapter 5: Configuring Users and Groups. Types of User Accounts Administrator –Unrestricted access to performing administrative tasks –Use sparingly Standard.

Chapter 5: Configuring Users and Groups. Types of User Accounts Administrator –Unrestricted access to performing administrative tasks –Use sparingly Standard.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
Panasonic Computer Products Europe CF-08 Live Set up.

Panasonic Computer Products Europe CF-08 Live Set up.
11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.

11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.
Ch 9 Managing Active Directory User Accounts. Objectives Create Organizational Unit Creating User Accounts in Active Directory Disabling, Enabling, and.

Ch 9 Managing Active Directory User Accounts. Objectives Create Organizational Unit Creating User Accounts in Active Directory Disabling, Enabling, and.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.

Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.
Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.

Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.

Similar presentations

Ads by Google