SlideShare une entreprise Scribd logo

Managing security settings in windows server with group policy

Télécharger en tant que DOCX, PDF
Miguel de la Cruz
Miguel de la Cruz
IngénierieTechnologie
1  sur  14
Administración y Seguridad en Windows Server 1 Managing Security Settings in Windows Server with Group Policy Estela Cruz Díaz Miguel A. Morales de la Cruz Francisco de Jesús Sánchez Enríquez Instituto Tecnológico de Tuxtepec Febrero 2014
Administración y Seguridad en Windows Server 2 ABSTRACT To safeguard Windows it’s required a successful deployment of Group Policy, which depends on Active Directory and is the primary means for securing servers and desktop environments. Group Policy can define the status of the work environment of users and computers allowing recovery services, securities registration, account policies, group memberships and other features of machines on the network. Provide to administrators a high degree of administrative control over users and computers on the network. The main objective of this article is to give you ways of how security policies, through Group Policy allow to define the procedures for configuring and managing security to computing environment.
Administración y Seguridad en Windows Server 3 KEYWORDS  Security  Configuration  Templates  Passwords
Administración y Seguridad en Windows Server 4 INTRODUCTION Group Policy is implemented in Windows Server since its inception infrastructure, which allows you to specify managed for users and computers through Group Policy settings and policy preferences settings. You can manage your settings and preferences in an environment of Domain Services Active Directory through the Management Console Group Policy Management (GPMC). Group Policy is an infrastructure that allows to implement specific configurations for users and computers. Unfortunately, these guidelines are not easy to implement, since they are linked to Active Directory containers and therefore users must first know this tool. This article aims to IT professionals and general users to understand the characteristics of security auditing in Windows and how your organization can benefit from using these technologies to enhance security and network administration.
Administración y Seguridad en Windows Server 5 Security Auditing Overview Feature description Security auditing is a powerful tool to help maintain the security of an enterprise. Auditing can be used for a variety of purposes, including forensic analysis, regulatory compliance, monitoring user activity, and troubleshooting. Industry regulations in various countries or regions require enterprises to implement a strict set of rules related to data security and privacy. Security audits can help implement such policies and prove that these policies have been implemented. Also, security auditing can be used for forensic analysis, to help administrators detect anomalous behavior, to identify and mitigate gaps in security policies, and to deter irresponsible behavior by tracking critical user activities. Managing security auditing To use security auditing, you need to configure the system access control list (SACL) for an object, and apply the appropriate security audit policy to the user or computer. For more information, see Managing Security Auditing. (http://technet.microsoft.com/library/cc771475.aspx).
Administración y Seguridad en Windows Server 6 AUDIT GUIDELINES Before implementing an audit, you must decide on an audit. An audit policy specifies the categories of security-related events you want to audit. When this version of Windows is first installed, all audit categories are disabled. Enabling several categories of audit events, you can deploy an adequate audit to the security needs of your organization. Event categories you can choose to audit are:  Audit logon events account  Audit account management  Audit directory service access  Audit logon events  Audit object access  Audit policy change  Audit privilege use  Audit process tracking  Audit system events If you choose to audit access to objects as part of your audit, you must enable the category Audit directory service access (for audit objects in a domain controller) or category Audit object access (to audit objects a member server or workstation). After you enable the Object Access category, you can specify the types of access you want to audit for each group or user. To enable auditing of local objects, you must be logged as member of the predefined administrator accounts.
Administración y Seguridad en Windows Server 7 CONFIGURATION SET OR CHANGE OF DIRECTORS OF A CATEGORY EVENT. When defining auditing settings for specific event categories, you can create a proper audit for security needs of your organization. On servers and work stations member who join a domain, configuration audit event categories are not defined by default. On domain controllers, auditing is enabled by default. To set or change the configuration of the audit policy for a category of events on the local computer 1. Open the Local Security Policy snap-in and select Local Policies. 2. In the console tree, click Audit Policy. Where?  Security Settings / Local Policies / Audit Policies 3. In the results pane, double-click an event category for which you want to modify the audit policy setting. 4. Perform one of the following, or both, and click OK.  To audit successful attempts, select the Success check box.  To audit unsuccessful attempts, select the Failed check box ADDITIONAL CONSIDERATIONS  To open Microsoft Management Console using the Windows interface, click Start, in the Start Search text box, type mmc, and then press ENTER.  To audit access to objects, enable auditing of the category of object access events following the steps above. Next, enable auditing specific object.  After configuring the audit, the events are stored in the security log. Open the Security log to view these events.  The default configuration of the audit policy for domain controllers is No Auditing. That means that even if auditing is enabled in the domain, domain controllers do not inherit auditing policy locally. If you want the audit policy to apply to domain controllers, you must modify this policy setting.
Administración y Seguridad en Windows Server 8 APPLY OR MODIFY THE SETTING OF DIRECTORS AUDIT OF A STOCK OR A LOCAL FOLDER. To apply or modify auditing policy settings for a local file or folder. 1. - Open Windows Explorer. 2. - Click the right mouse button on the file or folder you want to audit, click Properties, then click the Security tab. 3. - Click Edit, and then click Advanced. (If not logged in as a member of the Administrators group on this computer, you must provide administrative credentials to continue). 4. - The box for Advanced Security Settings dialog <object> click the Auditing tab. 5. - Do one of the following steps:  To configure auditing for a user or group, click Add. In Enter the object name to select, type the name of the user or group you want, and then click OK.  To remove auditing for an existing group or user, click on their name, click Remove, click OK, and then skip the rest of this procedure.  To view or change auditing for an existing group or user, click on his name and then click Edit. 6.- In the Apply onto box, click the location where you want the audit is conducted. 7. - In the Access box, indicate what actions you want to audit to do so, check the appropriate boxes:  To audit successful events, select the Success check box.  To stop auditing successful events, clear the Success check box.  To audit unsuccessful events, select the Failed check box.  To stop auditing unsuccessful events, clear the Failed check box.  To stop auditing all events, click Clear All. 8. - If you want to prevent files and subfolders of the original object from inheriting these audit entries, select the Apply these auditing entries to objects and / or containers within this container only check box.
Administración y Seguridad en Windows Server 9 Important: Before you configure auditing of files and folders, you must enable Audit object access; to do this, set the audit policy setting for the category of object access events. If you do not enable the Audit object access, an error message to set up auditing for files and folders appear, and no files or folders are audited. Additional Considerations  You must be logged on as a member of the Administrators group or you must have been granted the right to Manage auditing and security in Group Policy to perform this procedure.  To open Windows Explorer, click Start, point to All Programs, click Accessories, and then click Windows Explorer.  After you enable auditing of object access, see the Security log in Event Viewer to check the result of the changes.  You can only configure auditing of files and folders on NTFS drives.  If you notice any of the following situations, the audit has been inherited from the parent folder: o Check the box to audit Folder> file> or dialogue in the Access box, the boxes are not available. o In the box for Advanced Security Settings dialog file> or Folder>, the Remove button is unavailable.  Because the security log is limited in size, select the files and folders to be audited. Also consider the amount of disk space you want to devote to the security log. The maximum size of the security log is defined in Event Viewer.
Administración y Seguridad en Windows Server 10 SAFETY CHECK REGISTER The security log records every event as defined in audit policies established in each object. To view the security log 1. - Open the event viewer. 2. - In the console tree, open Global Records, and then click Security. The results pane lists individual security events. 3. - If you want more details about a specific event, double-click the event in the results pane. Additional Considerations  To open Event Viewer, click Start, Control Panel, System and Maintenance, double-click Administrative Tools, and then double-click Event Viewer.  If the computer is connected to a network, it is likely that the network policy settings prevent you from performing the procedure.
Administración y Seguridad en Windows Server 11 RESULTS With this research we tried to understand more about Group Policy, one of the tools that can be used in order to have more effective in the field of security settings in Windows Server Administration. This topic is of great importance because the Server Administrator Windows Server 2008 enables you to view and manage almost all the information and tools that affect the productivity of a server. Server Manager increases the efficiency of server administration, since a single tool (Group Policy) allows administrators to:  View and modify the functions and features installed on the server.  Perform administrative tasks associated with the operational lifecycle of the server.  Determine server status, identify critical events, and analyze configuration errors.  Install or remove roles, role services, and features. The process to implement a Group Policy solution involves planning, design, implement and manage the solution. During the design phase:  Define the scope of Group Policy.  Determine the values of policy settings that apply to all corporate users.  Classify users and equipment according to their functions and locations.  Plan desktop configurations depending on the requirements of users and computers.
Administración y Seguridad en Windows Server 12  A well-planned design will help ensure a successful deployment of Group Policy. The implementation phase begins with an essay in a test environment. The process includes:  Creating standard desktop configurations.  Filter the scope of Group Policy objects.  Specifying exceptions to default inheritance of Group Policy.  Delegating administration of Group Policy.  Evaluation of effective policy settings using Group Policy Modeling.  Evaluation of results using Group Policy Results. Use of a technique for searching for information was made, this technique is known as an exact phrase, because this is to locate key words or keywords, then locates documents containing the word to start.
Administración y Seguridad en Windows Server 13 DISCUSSION OF RESULTS Try conscientiously implement Group Policy in a test environment before deploying it in a production environment. Consider an iterative implementation of Group Policy: Instead of implementing settings 100 new Group Policy, first try and implement some values only to validate that the infrastructure of the Group Policy is working correctly. Finally, be prepared to maintain Group Policy setting control procedures for working with objects. Before designing the implementation of Group Policy, you must understand the current organizational environment and perform some preparatory steps in the following areas: Active Directory: make sure the design of organizational units in Active Directory for all domains in the forest supports the application of Group Policy. For more information, see about designing an OU structure. Red: Make sure that the network meets the requirements of technology change management and configuration. For example, since the group policy works only with fully qualified domain names, the Directory Name Service (DNS) must be running in the forest in order to process the group policy correctly. Security: Get a list of security groups that are currently in use in the domain. Work with security administrators, as it delegates the responsibility for the administration of the OU. IT Requirements: Get a list of administrative owners and corporate standards administrative domains and OUs in the domain. This will develop a good plan of delegation and ensure that Group Policy is inherited correctly.
Administración y Seguridad en Windows Server 14 REFERENCES: http://technet.microsoft.com/library/cc771475.aspx http://technet.microsoft.com/en-us/library/dn319078.aspx http://technet.microsoft.com/es-es/library/cc730601.aspx http://technet.microsoft.com/es-es/library/cc732450.aspx http://technet.microsoft.com/es-es/library/cc771070.aspx http://technet.microsoft.com/es-es/library/cc731826.aspx http://technet.microsoft.com/es-es/library/dd349801(v=ws.10).aspx http://technet.microsoft.com/es-es/library/cc728909.aspx http://technet.microsoft.com/es-es/library/hh801901.aspx

Recommandé

ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】
ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】
ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】Jerimi Soma
 
Ch12-Software Engineering 9
Ch12-Software Engineering 9Ch12-Software Engineering 9
Ch12-Software Engineering 9Ian Sommerville
 
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...James W. De Rienzo
 
Chapter14 Windows Server 2003 Security Features
Chapter14 Windows Server 2003 Security FeaturesChapter14 Windows Server 2003 Security Features
Chapter14 Windows Server 2003 Security FeaturesRaja Waseem Akhtar
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurityricharddxd
 
Windows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeology
Windows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeologyWindows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeology
Windows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeologyMichael Gough
 
Windows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeology
Windows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeologyWindows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeology
Windows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeologyMichael Gough
 
Active Directory Auditing
Active Directory AuditingActive Directory Auditing
Active Directory AuditingWILLA REYES
 

Recommandé

ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】
ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】
ISO Cloud Security add-on & PCI DSS mapping 【Continuous Study】Jerimi Soma
 
Ch12-Software Engineering 9
Ch12-Software Engineering 9Ch12-Software Engineering 9
Ch12-Software Engineering 9Ian Sommerville
 
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...James W. De Rienzo
 
Chapter14 Windows Server 2003 Security Features
Chapter14 Windows Server 2003 Security FeaturesChapter14 Windows Server 2003 Security Features
Chapter14 Windows Server 2003 Security FeaturesRaja Waseem Akhtar
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurityricharddxd
 
Windows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeology
Windows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeologyWindows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeology
Windows Logging Cheat Sheet ver Jan 2016 - MalwareArchaeologyMichael Gough
 
Windows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeology
Windows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeologyWindows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeology
Windows Registry Auditing Cheat Sheet ver Oct 2016 - MalwareArchaeologyMichael Gough
 
Active Directory Auditing
Active Directory AuditingActive Directory Auditing
Active Directory AuditingWILLA REYES
 
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comWindows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comMichael Gough
 
Windows logging cheat sheet
Windows logging cheat sheetWindows logging cheat sheet
Windows logging cheat sheetMichael Gough
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14blusmurfydot1
 
70 640 Lesson08 Ppt 041009
70 640 Lesson08 Ppt 04100970 640 Lesson08 Ppt 041009
70 640 Lesson08 Ppt 041009Coffeyville Community College
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
Monitoring of computers
Monitoring of computers Monitoring of computers
Monitoring of computers carlosrudy_45
 
Running head AUDITING INFORMATION SYSTEMS PROCESS .docx
Running head AUDITING INFORMATION SYSTEMS PROCESS .docxRunning head AUDITING INFORMATION SYSTEMS PROCESS .docx
Running head AUDITING INFORMATION SYSTEMS PROCESS .docxjoellemurphey
 
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docxLynellBull52
 
Testing guide
Testing guideTesting guide
Testing guideMyneni Swapna
 
Software Project Management: Testing Document
Software Project Management: Testing DocumentSoftware Project Management: Testing Document
Software Project Management: Testing DocumentMinhas Kamal
 
S D L C
S D L CS D L C
S D L CSudipta K Paik
 
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COM
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COMIT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COM
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COMalbert0061
 
Ch10 Conducting Audits
Ch10 Conducting AuditsCh10 Conducting Audits
Ch10 Conducting AuditsInformation Technology
 
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...Symantec
 
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...Mitul Rana
 
CHAPTER 9 Design Considerations In this chapter you will
CHAPTER 9 Design Considerations In this chapter you willCHAPTER 9 Design Considerations In this chapter you will
CHAPTER 9 Design Considerations In this chapter you willJinElias52
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Wendy Knox Everette
 
Ch06 Policy
Ch06 PolicyCh06 Policy
Ch06 Policyphanleson
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixNix Inc.,
 
The Most Underutilized Configuration Management Features
The Most Underutilized Configuration Management Features The Most Underutilized Configuration Management Features
The Most Underutilized Configuration Management Features Cireson
 
Vulnerabilidades en sitios web(español)
Vulnerabilidades en sitios web(español)Vulnerabilidades en sitios web(español)
Vulnerabilidades en sitios web(español)Miguel de la Cruz
 
Vulnerabilidades en sitios web (english)
Vulnerabilidades en sitios web (english)Vulnerabilidades en sitios web (english)
Vulnerabilidades en sitios web (english)Miguel de la Cruz
 

Contenu connexe

Similaire à Managing security settings in windows server with group policy

Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comWindows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comMichael Gough
 
Windows logging cheat sheet
Windows logging cheat sheetWindows logging cheat sheet
Windows logging cheat sheetMichael Gough
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14blusmurfydot1
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
Monitoring of computers
Monitoring of computers Monitoring of computers
Monitoring of computers carlosrudy_45
 
Running head AUDITING INFORMATION SYSTEMS PROCESS .docx
Running head AUDITING INFORMATION SYSTEMS PROCESS .docxRunning head AUDITING INFORMATION SYSTEMS PROCESS .docx
Running head AUDITING INFORMATION SYSTEMS PROCESS .docxjoellemurphey
 
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docxLynellBull52
 
Software Project Management: Testing Document
Software Project Management: Testing DocumentSoftware Project Management: Testing Document
Software Project Management: Testing DocumentMinhas Kamal
 
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COM
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COMIT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COM
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COMalbert0061
 
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...Symantec
 
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...Mitul Rana
 
CHAPTER 9 Design Considerations In this chapter you will
CHAPTER 9 Design Considerations In this chapter you willCHAPTER 9 Design Considerations In this chapter you will
CHAPTER 9 Design Considerations In this chapter you willJinElias52
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Wendy Knox Everette
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixNix Inc.,
 
The Most Underutilized Configuration Management Features
The Most Underutilized Configuration Management Features The Most Underutilized Configuration Management Features
The Most Underutilized Configuration Management Features Cireson
 

Similaire à Managing security settings in windows server with group policy (20)

Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comWindows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
 
Windows logging cheat sheet
Windows logging cheat sheetWindows logging cheat sheet
Windows logging cheat sheet
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14
 
70 640 Lesson08 Ppt 041009
70 640 Lesson08 Ppt 04100970 640 Lesson08 Ppt 041009
70 640 Lesson08 Ppt 041009
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operations
 
Monitoring of computers
Monitoring of computers Monitoring of computers
Monitoring of computers
 
Running head AUDITING INFORMATION SYSTEMS PROCESS .docx
Running head AUDITING INFORMATION SYSTEMS PROCESS .docxRunning head AUDITING INFORMATION SYSTEMS PROCESS .docx
Running head AUDITING INFORMATION SYSTEMS PROCESS .docx
 
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
 
Testing guide
Testing guideTesting guide
Testing guide
 
Software Project Management: Testing Document
Software Project Management: Testing DocumentSoftware Project Management: Testing Document
Software Project Management: Testing Document
 
S D L C
S D L CS D L C
S D L C
 
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COM
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COMIT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COM
IT 145 FINAL PROJECT GUIDELINES / TUTORIALOUTLET DOT COM
 
Ch10 Conducting Audits
Ch10 Conducting AuditsCh10 Conducting Audits
Ch10 Conducting Audits
 
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...
Data Center Security: Achieving Prevention & the Targeted Prevention Policy's...
 
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...
aMs Southeast Asia 2021 : Insider risk protection and containment in microsof...
 
CHAPTER 9 Design Considerations In this chapter you will
CHAPTER 9 Design Considerations In this chapter you willCHAPTER 9 Design Considerations In this chapter you will
CHAPTER 9 Design Considerations In this chapter you will
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021
 
Ch06 Policy
Ch06 PolicyCh06 Policy
Ch06 Policy
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A Glance
 
The Most Underutilized Configuration Management Features
The Most Underutilized Configuration Management Features The Most Underutilized Configuration Management Features
The Most Underutilized Configuration Management Features
 

Plus de Miguel de la Cruz

Vulnerabilidades en sitios web(español)
Vulnerabilidades en sitios web(español)Vulnerabilidades en sitios web(español)
Vulnerabilidades en sitios web(español)Miguel de la Cruz
 
Vulnerabilidades en sitios web (english)
Vulnerabilidades en sitios web (english)Vulnerabilidades en sitios web (english)
Vulnerabilidades en sitios web (english)Miguel de la Cruz
 
Administración de configuraciones de seguridad en windows server con group po...
Administración de configuraciones de seguridad en windows server con group po...Administración de configuraciones de seguridad en windows server con group po...
Administración de configuraciones de seguridad en windows server con group po...Miguel de la Cruz
 
Protocolo de Archivo clinico
Protocolo de Archivo clinicoProtocolo de Archivo clinico
Protocolo de Archivo clinicoMiguel de la Cruz
 
Origen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesOrigen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesMiguel de la Cruz
 
Origen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesOrigen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesMiguel de la Cruz
 
Origen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesOrigen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesMiguel de la Cruz
 

Plus de Miguel de la Cruz (14)

Vulnerabilidades en sitios web(español)
Vulnerabilidades en sitios web(español)Vulnerabilidades en sitios web(español)
Vulnerabilidades en sitios web(español)
 
Vulnerabilidades en sitios web (english)
Vulnerabilidades en sitios web (english)Vulnerabilidades en sitios web (english)
Vulnerabilidades en sitios web (english)
 
Administración de configuraciones de seguridad en windows server con group po...
Administración de configuraciones de seguridad en windows server con group po...Administración de configuraciones de seguridad en windows server con group po...
Administración de configuraciones de seguridad en windows server con group po...
 
Cuestionario
CuestionarioCuestionario
Cuestionario
 
Archivo clinico
Archivo clinicoArchivo clinico
Archivo clinico
 
Protocolo de Archivo clinico
Protocolo de Archivo clinicoProtocolo de Archivo clinico
Protocolo de Archivo clinico
 
Ensayo telecomunicaciones
Ensayo telecomunicacionesEnsayo telecomunicaciones
Ensayo telecomunicaciones
 
La tierra es plana
La tierra es planaLa tierra es plana
La tierra es plana
 
Ing. del futuro
Ing. del futuroIng. del futuro
Ing. del futuro
 
Ing. del futuro
Ing. del futuroIng. del futuro
Ing. del futuro
 
Ing. del futuro
Ing. del futuroIng. del futuro
Ing. del futuro
 
Origen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesOrigen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionales
 
Origen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesOrigen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionales
 
Origen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionalesOrigen de la ingeniería en sistemas computacionales
Origen de la ingeniería en sistemas computacionales
 

Dernier

Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptMsecMca
 
Introduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaIntroduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaOmar Fathy
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringmulugeta48
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdfKamal Acharya
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoordharasingh5698
 
2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projectssmsksolar
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.Kamal Acharya
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...SUHANI PANDEY
 
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...soginsider
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXssuser89054b
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VDineshKumar4165
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...tanu pandey
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayEpec Engineered Technologies
 

Dernier (20)

Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
Introduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaIntroduction to Serverless with AWS Lambda
Introduction to Serverless with AWS Lambda
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
 
2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 

Managing security settings in windows server with group policy

  • 1. Administración y Seguridad en Windows Server 1 Managing Security Settings in Windows Server with Group Policy Estela Cruz Díaz Miguel A. Morales de la Cruz Francisco de Jesús Sánchez Enríquez Instituto Tecnológico de Tuxtepec Febrero 2014
  • 2. Administración y Seguridad en Windows Server 2 ABSTRACT To safeguard Windows it’s required a successful deployment of Group Policy, which depends on Active Directory and is the primary means for securing servers and desktop environments. Group Policy can define the status of the work environment of users and computers allowing recovery services, securities registration, account policies, group memberships and other features of machines on the network. Provide to administrators a high degree of administrative control over users and computers on the network. The main objective of this article is to give you ways of how security policies, through Group Policy allow to define the procedures for configuring and managing security to computing environment.
  • 3. Administración y Seguridad en Windows Server 3 KEYWORDS  Security  Configuration  Templates  Passwords
  • 4. Administración y Seguridad en Windows Server 4 INTRODUCTION Group Policy is implemented in Windows Server since its inception infrastructure, which allows you to specify managed for users and computers through Group Policy settings and policy preferences settings. You can manage your settings and preferences in an environment of Domain Services Active Directory through the Management Console Group Policy Management (GPMC). Group Policy is an infrastructure that allows to implement specific configurations for users and computers. Unfortunately, these guidelines are not easy to implement, since they are linked to Active Directory containers and therefore users must first know this tool. This article aims to IT professionals and general users to understand the characteristics of security auditing in Windows and how your organization can benefit from using these technologies to enhance security and network administration.
  • 5. Administración y Seguridad en Windows Server 5 Security Auditing Overview Feature description Security auditing is a powerful tool to help maintain the security of an enterprise. Auditing can be used for a variety of purposes, including forensic analysis, regulatory compliance, monitoring user activity, and troubleshooting. Industry regulations in various countries or regions require enterprises to implement a strict set of rules related to data security and privacy. Security audits can help implement such policies and prove that these policies have been implemented. Also, security auditing can be used for forensic analysis, to help administrators detect anomalous behavior, to identify and mitigate gaps in security policies, and to deter irresponsible behavior by tracking critical user activities. Managing security auditing To use security auditing, you need to configure the system access control list (SACL) for an object, and apply the appropriate security audit policy to the user or computer. For more information, see Managing Security Auditing. (http://technet.microsoft.com/library/cc771475.aspx).
  • 6. Administración y Seguridad en Windows Server 6 AUDIT GUIDELINES Before implementing an audit, you must decide on an audit. An audit policy specifies the categories of security-related events you want to audit. When this version of Windows is first installed, all audit categories are disabled. Enabling several categories of audit events, you can deploy an adequate audit to the security needs of your organization. Event categories you can choose to audit are:  Audit logon events account  Audit account management  Audit directory service access  Audit logon events  Audit object access  Audit policy change  Audit privilege use  Audit process tracking  Audit system events If you choose to audit access to objects as part of your audit, you must enable the category Audit directory service access (for audit objects in a domain controller) or category Audit object access (to audit objects a member server or workstation). After you enable the Object Access category, you can specify the types of access you want to audit for each group or user. To enable auditing of local objects, you must be logged as member of the predefined administrator accounts.
  • 7. Administración y Seguridad en Windows Server 7 CONFIGURATION SET OR CHANGE OF DIRECTORS OF A CATEGORY EVENT. When defining auditing settings for specific event categories, you can create a proper audit for security needs of your organization. On servers and work stations member who join a domain, configuration audit event categories are not defined by default. On domain controllers, auditing is enabled by default. To set or change the configuration of the audit policy for a category of events on the local computer 1. Open the Local Security Policy snap-in and select Local Policies. 2. In the console tree, click Audit Policy. Where?  Security Settings / Local Policies / Audit Policies 3. In the results pane, double-click an event category for which you want to modify the audit policy setting. 4. Perform one of the following, or both, and click OK.  To audit successful attempts, select the Success check box.  To audit unsuccessful attempts, select the Failed check box ADDITIONAL CONSIDERATIONS  To open Microsoft Management Console using the Windows interface, click Start, in the Start Search text box, type mmc, and then press ENTER.  To audit access to objects, enable auditing of the category of object access events following the steps above. Next, enable auditing specific object.  After configuring the audit, the events are stored in the security log. Open the Security log to view these events.  The default configuration of the audit policy for domain controllers is No Auditing. That means that even if auditing is enabled in the domain, domain controllers do not inherit auditing policy locally. If you want the audit policy to apply to domain controllers, you must modify this policy setting.
  • 8. Administración y Seguridad en Windows Server 8 APPLY OR MODIFY THE SETTING OF DIRECTORS AUDIT OF A STOCK OR A LOCAL FOLDER. To apply or modify auditing policy settings for a local file or folder. 1. - Open Windows Explorer. 2. - Click the right mouse button on the file or folder you want to audit, click Properties, then click the Security tab. 3. - Click Edit, and then click Advanced. (If not logged in as a member of the Administrators group on this computer, you must provide administrative credentials to continue). 4. - The box for Advanced Security Settings dialog <object> click the Auditing tab. 5. - Do one of the following steps:  To configure auditing for a user or group, click Add. In Enter the object name to select, type the name of the user or group you want, and then click OK.  To remove auditing for an existing group or user, click on their name, click Remove, click OK, and then skip the rest of this procedure.  To view or change auditing for an existing group or user, click on his name and then click Edit. 6.- In the Apply onto box, click the location where you want the audit is conducted. 7. - In the Access box, indicate what actions you want to audit to do so, check the appropriate boxes:  To audit successful events, select the Success check box.  To stop auditing successful events, clear the Success check box.  To audit unsuccessful events, select the Failed check box.  To stop auditing unsuccessful events, clear the Failed check box.  To stop auditing all events, click Clear All. 8. - If you want to prevent files and subfolders of the original object from inheriting these audit entries, select the Apply these auditing entries to objects and / or containers within this container only check box.
  • 9. Administración y Seguridad en Windows Server 9 Important: Before you configure auditing of files and folders, you must enable Audit object access; to do this, set the audit policy setting for the category of object access events. If you do not enable the Audit object access, an error message to set up auditing for files and folders appear, and no files or folders are audited. Additional Considerations  You must be logged on as a member of the Administrators group or you must have been granted the right to Manage auditing and security in Group Policy to perform this procedure.  To open Windows Explorer, click Start, point to All Programs, click Accessories, and then click Windows Explorer.  After you enable auditing of object access, see the Security log in Event Viewer to check the result of the changes.  You can only configure auditing of files and folders on NTFS drives.  If you notice any of the following situations, the audit has been inherited from the parent folder: o Check the box to audit Folder> file> or dialogue in the Access box, the boxes are not available. o In the box for Advanced Security Settings dialog file> or Folder>, the Remove button is unavailable.  Because the security log is limited in size, select the files and folders to be audited. Also consider the amount of disk space you want to devote to the security log. The maximum size of the security log is defined in Event Viewer.
  • 10. Administración y Seguridad en Windows Server 10 SAFETY CHECK REGISTER The security log records every event as defined in audit policies established in each object. To view the security log 1. - Open the event viewer. 2. - In the console tree, open Global Records, and then click Security. The results pane lists individual security events. 3. - If you want more details about a specific event, double-click the event in the results pane. Additional Considerations  To open Event Viewer, click Start, Control Panel, System and Maintenance, double-click Administrative Tools, and then double-click Event Viewer.  If the computer is connected to a network, it is likely that the network policy settings prevent you from performing the procedure.
  • 11. Administración y Seguridad en Windows Server 11 RESULTS With this research we tried to understand more about Group Policy, one of the tools that can be used in order to have more effective in the field of security settings in Windows Server Administration. This topic is of great importance because the Server Administrator Windows Server 2008 enables you to view and manage almost all the information and tools that affect the productivity of a server. Server Manager increases the efficiency of server administration, since a single tool (Group Policy) allows administrators to:  View and modify the functions and features installed on the server.  Perform administrative tasks associated with the operational lifecycle of the server.  Determine server status, identify critical events, and analyze configuration errors.  Install or remove roles, role services, and features. The process to implement a Group Policy solution involves planning, design, implement and manage the solution. During the design phase:  Define the scope of Group Policy.  Determine the values of policy settings that apply to all corporate users.  Classify users and equipment according to their functions and locations.  Plan desktop configurations depending on the requirements of users and computers.
  • 12. Administración y Seguridad en Windows Server 12  A well-planned design will help ensure a successful deployment of Group Policy. The implementation phase begins with an essay in a test environment. The process includes:  Creating standard desktop configurations.  Filter the scope of Group Policy objects.  Specifying exceptions to default inheritance of Group Policy.  Delegating administration of Group Policy.  Evaluation of effective policy settings using Group Policy Modeling.  Evaluation of results using Group Policy Results. Use of a technique for searching for information was made, this technique is known as an exact phrase, because this is to locate key words or keywords, then locates documents containing the word to start.
  • 13. Administración y Seguridad en Windows Server 13 DISCUSSION OF RESULTS Try conscientiously implement Group Policy in a test environment before deploying it in a production environment. Consider an iterative implementation of Group Policy: Instead of implementing settings 100 new Group Policy, first try and implement some values only to validate that the infrastructure of the Group Policy is working correctly. Finally, be prepared to maintain Group Policy setting control procedures for working with objects. Before designing the implementation of Group Policy, you must understand the current organizational environment and perform some preparatory steps in the following areas: Active Directory: make sure the design of organizational units in Active Directory for all domains in the forest supports the application of Group Policy. For more information, see about designing an OU structure. Red: Make sure that the network meets the requirements of technology change management and configuration. For example, since the group policy works only with fully qualified domain names, the Directory Name Service (DNS) must be running in the forest in order to process the group policy correctly. Security: Get a list of security groups that are currently in use in the domain. Work with security administrators, as it delegates the responsibility for the administration of the OU. IT Requirements: Get a list of administrative owners and corporate standards administrative domains and OUs in the domain. This will develop a good plan of delegation and ensure that Group Policy is inherited correctly.
  • 14. Administración y Seguridad en Windows Server 14 REFERENCES: http://technet.microsoft.com/library/cc771475.aspx http://technet.microsoft.com/en-us/library/dn319078.aspx http://technet.microsoft.com/es-es/library/cc730601.aspx http://technet.microsoft.com/es-es/library/cc732450.aspx http://technet.microsoft.com/es-es/library/cc771070.aspx http://technet.microsoft.com/es-es/library/cc731826.aspx http://technet.microsoft.com/es-es/library/dd349801(v=ws.10).aspx http://technet.microsoft.com/es-es/library/cc728909.aspx http://technet.microsoft.com/es-es/library/hh801901.aspx