Microsoft® Windows Server™ 2003 White Paper: Windows NT 4.0 Server Upgrade Guide
SECURE CHANNEL SIGNING
By default, Windows Server 2003 Domain Controllers require that all secure channel
communications be either signed or encrypted. Secure channels are used by Windows
NT-based machines for communications between domain members and domain controllers,
and between domain controllers of domains that have a trust relationship. Windows NT
4.0 machines prior to Service Pack 4 cannot sign or encrypt secure channel
communications. If Windows NT 4.0 machines prior to SP4 must join this domain, or
this domain must trust other domains that contain pre-SP4 Domain Controllers, the
secure channel signing requirement can be removed by disabling the following
security policy in the Default Domain Controllers GPO:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security
Options\Domain member: Digitally encrypt or sign secure channel data (always)
Detailed instructions on how to modify this setting are provided below.
Warning: Disabling this security setting exposes secure channel communications to
"man in the middle" attacks. With the "(always)" requirement removed, a domain
controller still signs or encrypts the channel when the other party supports it
(the separate "when possible" settings remain in effect), but it also accepts
unsigned, unencrypted secure channels, so an attacker positioned between a member
and a domain controller can tamper with that traffic. Therefore it is highly
recommended that you upgrade your Windows NT 4.0 machines to SP4 or later rather
than disabling this security setting.
MODIFYING THE DEFAULT DOMAIN CONTROLLERS GPO
To ensure all domain controllers enforce the same SMB and secure channel signing
requirements, define the corresponding security settings in the Default Domain
Controllers GPO as follows:
1. Log on to a machine that has the Active Directory Users and Computers snap-in
installed.
2. Click Start, click Run, type dsa.msc, and then press ENTER.
3. Expand the domain that contains your Windows Server 2003 Domain Controllers.
4. Right-click the Domain Controllers OU, and then click Properties.
5. Click the Group Policy tab, select Default Domain Controllers Policy, and then
click Edit.
6. Expand Computer Configuration, Windows Settings, Security Settings, Local
Policies, Security Options.
7. In the results pane, double-click the security option you want to modify, for
example Microsoft network server: Digitally sign communications (always) or Domain
member: Digitally encrypt or sign secure channel data (always).
8. Select the Define this policy setting check box.
9. Select Enabled or Disabled as desired, and then click OK.
The change takes effect on each domain controller at its next Group Policy
refresh; to apply it immediately, run gpupdate /force on the domain controller and
then confirm the effective setting before relying on it.
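The following PowerShell script is an added example, not part of the white paper, for verifying the outcome of the procedure above and of the secure channel discussion that precedes it: after the Default Domain Controllers Policy has been edited and refreshed, it reads the registry values behind each Security Option on every domain controller and reports which ones still require (or no longer require) signing. It assumes the ActiveDirectory module (RSAT) is installed on the machine you run it from and that WinRM remoting to the domain controllers is allowed; the value-to-policy mapping is the standard one Windows uses for these options.

```powershell
# Added example (not from the white paper): audit the effective secure channel
# and SMB signing settings on every domain controller.
# Assumes the ActiveDirectory module (RSAT) and WinRM access to the DCs.
#Requires -Modules ActiveDirectory

# Registry values that the Security Options discussed in the text map to.
# A value of 1 means the option is Enabled, 0 means Disabled, $null means the
# policy is not defined on that host.
$Checks = @(
    @{ Policy   = 'Domain member: Digitally encrypt or sign secure channel data (always)'
       Key      = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
       Value    = 'RequireSignOrSeal'; Expected = 1 },
    @{ Policy   = 'Domain member: Digitally sign secure channel data (when possible)'
       Key      = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
       Value    = 'SignSecureChannel'; Expected = 1 },
    @{ Policy   = 'Domain member: Digitally encrypt secure channel data (when possible)'
       Key      = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
       Value    = 'SealSecureChannel'; Expected = 1 },
    @{ Policy   = 'Microsoft network server: Digitally sign communications (always)'
       Key      = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
       Value    = 'RequireSecuritySignature'; Expected = 1 }
)

function Get-DcSigningState {
    param([string[]]$ComputerName)

    # Run the registry reads on each DC and return one object per DC per policy.
    Invoke-Command -ComputerName $ComputerName -ArgumentList (,$Checks) -ScriptBlock {
        param($Checks)
        foreach ($c in $Checks) {
            $item   = Get-ItemProperty -Path $c.Key -Name $c.Value -ErrorAction SilentlyContinue
            $actual = if ($null -ne $item) { $item.($c.Value) } else { $null }
            [pscustomobject]@{
                DC        = $env:COMPUTERNAME
                Policy    = $c.Policy
                Actual    = $actual
                Expected  = $c.Expected
                Compliant = ($actual -eq $c.Expected)
            }
        }
    }
}

# Enumerate every DC in the current domain and collect its effective settings.
$dcs     = (Get-ADDomainController -Filter *).HostName
$results = Get-DcSigningState -ComputerName $dcs
$results | Sort-Object DC, Policy |
    Format-Table DC, Policy, Actual, Expected, Compliant -AutoSize

# Fail loudly if any DC accepts unsigned secure channel or SMB traffic; this is
# the state the white paper warns about (exposure to man-in-the-middle attacks).
$weak = @($results | Where-Object { -not $_.Compliant })
if ($weak.Count -gt 0) {
    Write-Warning ("{0} setting(s) do not require signing; see table above." -f $weak.Count)
    exit 1
}
```

If you deliberately disabled the "(always)" requirement to accommodate pre-SP4 Windows NT 4.0 machines, the script will report RequireSignOrSeal as non-compliant on every domain controller; that is the expected, and intentionally noisy, result until those machines are upgraded and the setting is re-enabled. Checking the "when possible" values alongside it confirms that signing and sealing are still negotiated with clients that support them.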