Authentication Management via Group Policy
Group Policy can be used to strengthen authentication practices for Windows. Password, account lockout policy, and Kerberos policies should be used, and many restrictions are also set in Group Policy Security Options. NTLM process restrictions, for example, are tightened via the Security Options, as described previously in this chapter in the section “LM/NTLM Configuration.” Individual user account restrictions can be used to further manage and secure the authentication process.
Account Policy
The Group Policy Account Policy options determine the specifics of the Domain Password policy (see Figure 2-11 and Table 2-7), the Account Lockout policy (see Figure 2-12 and Table 2-8), and, in a domain, the Kerberos ...
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.