Simonis: Return-Path:
Simonis: <focus-ms-return-6024-sbirl=temple.edu (at) securityfocus (dot) com [email concealed]>
Simonis: Date: Mon, 08 Sep 2003 14:40:03 -0400
Simonis: From: simonis <simonis (at) myself (dot) com [email concealed]>
Simonis: To: Trey Stevens <treystevens (at) comcast (dot) net [email concealed]>
Simonis: Cc: focus-ms (at) securityfocus (dot) com [email concealed]
Simonis: Subject: Re: windows 2000 security logs
Simonis:
Simonis: Trey Stevens wrote:
Simonis: >
Simonis: > Is there a place in group policy in which you can define who can read the
Simonis: > security logs? In our shop, we have domain controllers at sites in which the
Simonis: > IT staffs are not domain admins but still need to be able to see the
Simonis: > security logs to look for account lockouts.
Simonis: >
Simonis:
Simonis:
Simonis: Have you experimented with the "account lockout status" tool,
Simonis: lockoutstatus.exe, found in the 2003 res kit?
That's assuming the user is running 2003.
Thanks
Scott Birl http://concept.temple.edu/sysadmin/
Senior Systems Administrator Computer Services Temple University
====*====*====*====*====*====*====*====+====*====*====*====*====*====*==
==*====*
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
Simonis: Return-Path:
Simonis: <focus-ms-return-6024-sbirl=temple.edu (at) securityfocus (dot) com [email concealed]>
Simonis: Date: Mon, 08 Sep 2003 14:40:03 -0400
Simonis: From: simonis <simonis (at) myself (dot) com [email concealed]>
Simonis: To: Trey Stevens <treystevens (at) comcast (dot) net [email concealed]>
Simonis: Cc: focus-ms (at) securityfocus (dot) com [email concealed]
Simonis: Subject: Re: windows 2000 security logs
Simonis:
Simonis: Trey Stevens wrote:
Simonis: >
Simonis: > Is there a place in group policy in which you can define who can read the
Simonis: > security logs? In our shop, we have domain controllers at sites in which the
Simonis: > IT staffs are not domain admins but still need to be able to see the
Simonis: > security logs to look for account lockouts.
Simonis: >
Simonis:
Simonis:
Simonis: Have you experimented with the "account lockout status" tool,
Simonis: lockoutstatus.exe, found in the 2003 res kit?
That's assuming the user is running 2003.
Thanks
Scott Birl http://concept.temple.edu/sysadmin/
Senior Systems Administrator Computer Services Temple University
====*====*====*====*====*====*====*====+====*====*====*====*====*====*==
==*====*
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
[ reply ]