Home page logo

basics logo Security Basics mailing list archives

Policy enforcement- Admin accounts
From: "WALI" <hkhasgiwale () gmail com>
Date: Sat, 15 Dec 2007 20:32:48 +0400

In an active directory environment (windows 2003), I want to ensure lockout for administrator accounts also, in order to protect against attempts to brute force account password. The flipside is, we might have a DoS situation but I can live with it. Is there a tool I can deploy to ensure that admin account also locks out after certain no. of attemps?

Also, ONLY for admin accounts, I want to enforce certain settings like: Password should contain atleast 15 characters, should not contain a dictionary word etc. My normal password policy for AD user accounts, set at the domain level is a minimum of 8 chars but I want to deploy this special policy of 15 chars minimum for admin accounts.

How should I go about this?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]