SlideShare a Scribd company logo

Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg

Download as PPT, PDF
Eric Vanderburg
Eric Vanderburg

Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg

Technology
1 of 19
Network Implementation & Support Chapter 3 User Accounts Eric Vanderburg © 2006
User Accounts • • • • • • • Used for assigning permissions Customizing environment & settings Tracking usage Should adhere to naming conventions Strong passwords One for each person Two for administrators Eric Vanderburg © 2006
Adding & Changing accounts • Active Directory Users & Computers – Create users & groups – Disable accounts – Change account properties – Change group membership Eric Vanderburg © 2006
Property Tabs • General – personal info • Address – more personal info • Account – logon name, domain, expiration date, hours, computer to login from • Profile – scripts, shared home folders • Telephones • Organization – Title, dept, company, manager Eric Vanderburg © 2006
Property Tabs • Member Of – groups • Dial-in – VPN & Dialup permissions • Environment – terminal services programs to run at startup • Sessions – terminal services drop times, reconnection times • Remote Control – view options for terminal services sessions • Terminal Services Profile • COM+ - allows app filtering by setting a COM+ partition for the user. Eric Vanderburg © 2006
Authentication • Verify identity • Submit credentials – Username/Password – SmartCard – Biometrics • Interactive Authentication – Use the logon screen • Network Authentication – Takes place when network resources are accessed. Eric Vanderburg © 2006
Kerberos • Authentication Method (Win2k &2k3 default) • Based on RFC 1510 • Uses Kerberos version 5 Eric Vanderburg © 2006
Kerberos Components • KDC (Key Distribution Center) – AS (Authentication Service) • Verifies identity through AD • Gives TGT (Ticket Granting Ticket) which gives access to certain resources – TGS (Ticket-Granting Service) • Verifies TGT • Creates a service ticket & session key for a resource based on TGT. Client can present the service ticket to another server to access it’s content. NOTE: Servers have tickets too. • Only services it’s own domain. Must refer to another TGS for interdomain resource access (gives referral ticket) • Server with the desired resource • Client Eric Vanderburg © 2006
Kerberos • Delegation with Forwarding and Proxy - For a server such as a database server to access resources on your behalf. (given proxy or forwarding ticket) • NTP (Network Time Protocol) is used to synchronize time between machines. Keys are based on system time so all must be the same. • Replaces NTLM (NT LAN Manager) & NTLMv2 – still used with pre 2k clients – Challenge – 16 bit random number (seeds the hash) – Hashes password – Hashes are compared Eric Vanderburg © 2006
Profiles • Local Profiles • Roaming Profiles • Mandatory Profiles – Change ntuser.dat to ntuser.man • Default Profile – for new accounts • All Users Profile – for existing accounts • Profile properties – System Properties  User Profiles  Settings Eric Vanderburg © 2006
Profile Folder • • • • • • • • • • • Application Data Cookies Desktop Favorites Local Settings – app data, history, temp My Recent Documents NetHood – My Network Places PrintHood – Printers Folder SendTo – program shell registrations Start Menu – shortcuts Templates Eric Vanderburg © 2006
User Template • Configure with common settings • Copy when new users are added • Disable the template! Eric Vanderburg © 2006
Command Line • Dsadd – create users – Dsadd user “cn=Eric Vanderburg, ou=faculty, dc=RemingtonCollege, dc=edu” –pwd password – memberof administrators –email evanderburg@gmail.com –disabled no • Dsmod – change properties & settings – Dsmod user “cn=Eric Vanderburg, ou=faculty, dc=RemingtonCollege, dc=edu” –phone “440-3762398” • Dsquery – Search – Dsquery user “dc=RemingtonCollege, dc=edu” Eric Vanderburg © 2006
Command Line • Dsmove – change location – Dsmove “current ldap location” –newparent “new ldap location” • Dsrm – delete users, groups – Dsrm “ldap location” –noprompt – Dsrm –subtree -c “ldap location” –noprompt • Dsget user “ldap” -memberof – Find groups user belongs to Eric Vanderburg © 2006
Command Line • CSVDE – export AD info to CSV file • LDIFDE – export AD info to LDIF (LDAP Interchange Format) file • Redirection – Send data out > – append >> – Bring data in < – Make output input cmd1 | cmd2 (ex: | more) Eric Vanderburg © 2006
Account Policies • • • • Right click on an object (SDOU) Select Properties  Group Policy You will see the object link, click edit Under Computer  Windows  Security  Account Policies Eric Vanderburg © 2006
Account Policies • Password Policies (History, Age, Length, Complexity, Encryption) • Account Lockout – Duration – length of lockout – Threshold – how many bad passwords locks out – Reset Counter - grace period • Kerberos Policy – – – – Enforce Logon Restrictions – check logon every time Service ticket max lifetime User ticket max lifetime – TGT life Tolerance of computer clock sync Eric Vanderburg © 2006
Auditing • Audit account logon events • Computer  Windows  Security  Local Policies  Audit Policy  Audit Account Logon events Eric Vanderburg © 2006
Acronyms • • • • KDC, Key Distribution Center NTLM, NT LAN Manager TGT, Ticket Granting Ticket TGS, Ticket Granting Service Eric Vanderburg © 2006

Recommended

IBM Spectrum scale object deep dive training
IBM Spectrum scale object deep dive trainingIBM Spectrum scale object deep dive training
IBM Spectrum scale object deep dive trainingSmita Raut
 
IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive Smita Raut
 
DC
DCDC
DCswapnil dakhore
 
MCSA 70-412 Chapter 07
MCSA 70-412 Chapter 07 MCSA 70-412 Chapter 07
MCSA 70-412 Chapter 07 Computer Networking
 
Failover cluster
Failover clusterFailover cluster
Failover clusterChinmoy Jena
 
200308 Active Directory Security
200308 Active Directory Security200308 Active Directory Security
200308 Active Directory SecurityArmando Leon
 
Bridging the gap: Adding missing client (security) features using OpenLDAP pr...
Bridging the gap: Adding missing client (security) features using OpenLDAP pr...Bridging the gap: Adding missing client (security) features using OpenLDAP pr...
Bridging the gap: Adding missing client (security) features using OpenLDAP pr...LDAPCon
 
Network Implementation and Support Lesson 04 Group and Computer Accounts - ...
Network Implementation and Support Lesson 04 Group and Computer Accounts - ...Network Implementation and Support Lesson 04 Group and Computer Accounts - ...
Network Implementation and Support Lesson 04 Group and Computer Accounts - ...Eric Vanderburg
 

Recommended

IBM Spectrum scale object deep dive training
IBM Spectrum scale object deep dive trainingIBM Spectrum scale object deep dive training
IBM Spectrum scale object deep dive trainingSmita Raut
 
IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive Smita Raut
 
DC
DCDC
DCswapnil dakhore
 
MCSA 70-412 Chapter 07
MCSA 70-412 Chapter 07 MCSA 70-412 Chapter 07
MCSA 70-412 Chapter 07 Computer Networking
 
Failover cluster
Failover clusterFailover cluster
Failover clusterChinmoy Jena
 
200308 Active Directory Security
200308 Active Directory Security200308 Active Directory Security
200308 Active Directory SecurityArmando Leon
 
Bridging the gap: Adding missing client (security) features using OpenLDAP pr...
Bridging the gap: Adding missing client (security) features using OpenLDAP pr...Bridging the gap: Adding missing client (security) features using OpenLDAP pr...
Bridging the gap: Adding missing client (security) features using OpenLDAP pr...LDAPCon
 
Network Implementation and Support Lesson 04 Group and Computer Accounts - ...
Network Implementation and Support Lesson 04 Group and Computer Accounts - ...Network Implementation and Support Lesson 04 Group and Computer Accounts - ...
Network Implementation and Support Lesson 04 Group and Computer Accounts - ...Eric Vanderburg
 
How to Manage Scale-Out Environments with MariaDB MaxScale
How to Manage Scale-Out Environments with MariaDB MaxScaleHow to Manage Scale-Out Environments with MariaDB MaxScale
How to Manage Scale-Out Environments with MariaDB MaxScaleMariaDB plc
 
Windows Azure Storage – Architecture View
Windows Azure Storage – Architecture ViewWindows Azure Storage – Architecture View
Windows Azure Storage – Architecture ViewChaowlert Chaisrichalermpol
 
The Microsoft Cloud Partner
The Microsoft Cloud PartnerThe Microsoft Cloud Partner
The Microsoft Cloud PartnerNeethu Kuruvilla
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesMariaDB plc
 
How AD has been re-engineered to extend to the cloud
How AD has been re-engineered to extend to the cloudHow AD has been re-engineered to extend to the cloud
How AD has been re-engineered to extend to the cloudLDAPCon
 
Building Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPABuilding Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPALDAPCon
 
Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directoryPrince JabaKumar
 
Mini training - Introduction to Microsoft Azure Storage
Mini training - Introduction to Microsoft Azure StorageMini training - Introduction to Microsoft Azure Storage
Mini training - Introduction to Microsoft Azure StorageBetclic Everest Group Tech Team
 
Active Directory Training
Active Directory TrainingActive Directory Training
Active Directory TrainingNishad Sukumaran
 
Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People SPC Adriatics
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Eric Vanderburg
 
Null talk
Null talkNull talk
Null talkAgam Jain
 
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgNetworking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgEric Vanderburg
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptxachutachut
 
Network servers
Network serversNetwork servers
Network serversOnline
 
Apache zookeeper seminar_trinh_viet_dung_03_2016
Apache zookeeper seminar_trinh_viet_dung_03_2016Apache zookeeper seminar_trinh_viet_dung_03_2016
Apache zookeeper seminar_trinh_viet_dung_03_2016Viet-Dung TRINH
 
Apache Zookeeper
Apache ZookeeperApache Zookeeper
Apache ZookeeperNguyen Quang
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinChiradeep Vittal
 
LDAP Integration
LDAP IntegrationLDAP Integration
LDAP IntegrationDell World
 
Make your first CloudStack Cloud successful
Make your first CloudStack Cloud successfulMake your first CloudStack Cloud successful
Make your first CloudStack Cloud successfulTim Mackey
 
CREATING AND MANAGING USER ACCOUNTS.pdf
CREATING AND MANAGING USER ACCOUNTS.pdfCREATING AND MANAGING USER ACCOUNTS.pdf
CREATING AND MANAGING USER ACCOUNTS.pdfSolomonAnab1
 
Opal: Simple Web Services Wrappers for Scientific Applications
Opal: Simple Web Services Wrappers for Scientific ApplicationsOpal: Simple Web Services Wrappers for Scientific Applications
Opal: Simple Web Services Wrappers for Scientific ApplicationsSriram Krishnan
 

More Related Content

What's hot

How to Manage Scale-Out Environments with MariaDB MaxScale
How to Manage Scale-Out Environments with MariaDB MaxScaleHow to Manage Scale-Out Environments with MariaDB MaxScale
How to Manage Scale-Out Environments with MariaDB MaxScaleMariaDB plc
 
The Microsoft Cloud Partner
The Microsoft Cloud PartnerThe Microsoft Cloud Partner
The Microsoft Cloud PartnerNeethu Kuruvilla
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesMariaDB plc
 
How AD has been re-engineered to extend to the cloud
How AD has been re-engineered to extend to the cloudHow AD has been re-engineered to extend to the cloud
How AD has been re-engineered to extend to the cloudLDAPCon
 
Building Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPABuilding Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPALDAPCon
 
Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directoryPrince JabaKumar
 

What's hot (9)

How to Manage Scale-Out Environments with MariaDB MaxScale
How to Manage Scale-Out Environments with MariaDB MaxScaleHow to Manage Scale-Out Environments with MariaDB MaxScale
How to Manage Scale-Out Environments with MariaDB MaxScale
 
Windows Azure Storage – Architecture View
Windows Azure Storage – Architecture ViewWindows Azure Storage – Architecture View
Windows Azure Storage – Architecture View
 
The Microsoft Cloud Partner
The Microsoft Cloud PartnerThe Microsoft Cloud Partner
The Microsoft Cloud Partner
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best Practices
 
How AD has been re-engineered to extend to the cloud
How AD has been re-engineered to extend to the cloudHow AD has been re-engineered to extend to the cloud
How AD has been re-engineered to extend to the cloud
 
Building Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPABuilding Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPA
 
Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directory
 
Mini training - Introduction to Microsoft Azure Storage
Mini training - Introduction to Microsoft Azure StorageMini training - Introduction to Microsoft Azure Storage
Mini training - Introduction to Microsoft Azure Storage
 
Active Directory Training
Active Directory TrainingActive Directory Training
Active Directory Training
 

Similar to Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg

Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People SPC Adriatics
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Eric Vanderburg
 
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgNetworking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgEric Vanderburg
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptxachutachut
 
Network servers
Network serversNetwork servers
Network serversOnline
 
Apache zookeeper seminar_trinh_viet_dung_03_2016
Apache zookeeper seminar_trinh_viet_dung_03_2016Apache zookeeper seminar_trinh_viet_dung_03_2016
Apache zookeeper seminar_trinh_viet_dung_03_2016Viet-Dung TRINH
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinChiradeep Vittal
 
LDAP Integration
LDAP IntegrationLDAP Integration
LDAP IntegrationDell World
 
Make your first CloudStack Cloud successful
Make your first CloudStack Cloud successfulMake your first CloudStack Cloud successful
Make your first CloudStack Cloud successfulTim Mackey
 
CREATING AND MANAGING USER ACCOUNTS.pdf
CREATING AND MANAGING USER ACCOUNTS.pdfCREATING AND MANAGING USER ACCOUNTS.pdf
CREATING AND MANAGING USER ACCOUNTS.pdfSolomonAnab1
 
Opal: Simple Web Services Wrappers for Scientific Applications
Opal: Simple Web Services Wrappers for Scientific ApplicationsOpal: Simple Web Services Wrappers for Scientific Applications
Opal: Simple Web Services Wrappers for Scientific ApplicationsSriram Krishnan
 
Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...
Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...
Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...C/D/H Technology Consultants
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgEric Vanderburg
 
eMagic- Complete Data Center Management
eMagic- Complete Data Center ManagementeMagic- Complete Data Center Management
eMagic- Complete Data Center ManagementManisha Daulatani
 
Chapter08 -- network operating systems and windows server 2003-based networking
Chapter08 -- network operating systems and windows server 2003-based networkingChapter08 -- network operating systems and windows server 2003-based networking
Chapter08 -- network operating systems and windows server 2003-based networkingRaja Waseem Akhtar
 
SafeDNS filtering solutions for ISPs & Telecom
SafeDNS filtering solutions for ISPs & TelecomSafeDNS filtering solutions for ISPs & Telecom
SafeDNS filtering solutions for ISPs & TelecomSafeDNS
 

Similar to Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg (20)

Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...
 
Null talk
Null talkNull talk
Null talk
 
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgNetworking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptx
 
Network servers
Network serversNetwork servers
Network servers
 
Apache zookeeper seminar_trinh_viet_dung_03_2016
Apache zookeeper seminar_trinh_viet_dung_03_2016Apache zookeeper seminar_trinh_viet_dung_03_2016
Apache zookeeper seminar_trinh_viet_dung_03_2016
 
Apache Zookeeper
Apache ZookeeperApache Zookeeper
Apache Zookeeper
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austin
 
LDAP Integration
LDAP IntegrationLDAP Integration
LDAP Integration
 
Make your first CloudStack Cloud successful
Make your first CloudStack Cloud successfulMake your first CloudStack Cloud successful
Make your first CloudStack Cloud successful
 
CREATING AND MANAGING USER ACCOUNTS.pdf
CREATING AND MANAGING USER ACCOUNTS.pdfCREATING AND MANAGING USER ACCOUNTS.pdf
CREATING AND MANAGING USER ACCOUNTS.pdf
 
Opal: Simple Web Services Wrappers for Scientific Applications
Opal: Simple Web Services Wrappers for Scientific ApplicationsOpal: Simple Web Services Wrappers for Scientific Applications
Opal: Simple Web Services Wrappers for Scientific Applications
 
Security tools
Security toolsSecurity tools
Security tools
 
Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...
Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...
Today's Unified Communications: To upgrade, coexist, or go 'all in' with the ...
 
Active directoryfinal
Active directoryfinalActive directoryfinal
Active directoryfinal
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric Vanderburg
 
eMagic- Complete Data Center Management
eMagic- Complete Data Center ManagementeMagic- Complete Data Center Management
eMagic- Complete Data Center Management
 
Chapter08 -- network operating systems and windows server 2003-based networking
Chapter08 -- network operating systems and windows server 2003-based networkingChapter08 -- network operating systems and windows server 2003-based networking
Chapter08 -- network operating systems and windows server 2003-based networking
 
SafeDNS filtering solutions for ISPs & Telecom
SafeDNS filtering solutions for ISPs & TelecomSafeDNS filtering solutions for ISPs & Telecom
SafeDNS filtering solutions for ISPs & Telecom
 

More from Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...Eric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology managementEric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technologyEric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challengesEric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: RoboticsEric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercisesEric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgEric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgEric Vanderburg
 

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg

  • 1. Network Implementation & Support Chapter 3 User Accounts Eric Vanderburg © 2006
  • 2. User Accounts • • • • • • • Used for assigning permissions Customizing environment & settings Tracking usage Should adhere to naming conventions Strong passwords One for each person Two for administrators Eric Vanderburg © 2006
  • 3. Adding & Changing accounts • Active Directory Users & Computers – Create users & groups – Disable accounts – Change account properties – Change group membership Eric Vanderburg © 2006
  • 4. Property Tabs • General – personal info • Address – more personal info • Account – logon name, domain, expiration date, hours, computer to login from • Profile – scripts, shared home folders • Telephones • Organization – Title, dept, company, manager Eric Vanderburg © 2006
  • 5. Property Tabs • Member Of – groups • Dial-in – VPN & Dialup permissions • Environment – terminal services programs to run at startup • Sessions – terminal services drop times, reconnection times • Remote Control – view options for terminal services sessions • Terminal Services Profile • COM+ - allows app filtering by setting a COM+ partition for the user. Eric Vanderburg © 2006
  • 6. Authentication • Verify identity • Submit credentials – Username/Password – SmartCard – Biometrics • Interactive Authentication – Use the logon screen • Network Authentication – Takes place when network resources are accessed. Eric Vanderburg © 2006
  • 7. Kerberos • Authentication Method (Win2k &2k3 default) • Based on RFC 1510 • Uses Kerberos version 5 Eric Vanderburg © 2006
  • 8. Kerberos Components • KDC (Key Distribution Center) – AS (Authentication Service) • Verifies identity through AD • Gives TGT (Ticket Granting Ticket) which gives access to certain resources – TGS (Ticket-Granting Service) • Verifies TGT • Creates a service ticket & session key for a resource based on TGT. Client can present the service ticket to another server to access it’s content. NOTE: Servers have tickets too. • Only services it’s own domain. Must refer to another TGS for interdomain resource access (gives referral ticket) • Server with the desired resource • Client Eric Vanderburg © 2006
  • 9. Kerberos • Delegation with Forwarding and Proxy - For a server such as a database server to access resources on your behalf. (given proxy or forwarding ticket) • NTP (Network Time Protocol) is used to synchronize time between machines. Keys are based on system time so all must be the same. • Replaces NTLM (NT LAN Manager) & NTLMv2 – still used with pre 2k clients – Challenge – 16 bit random number (seeds the hash) – Hashes password – Hashes are compared Eric Vanderburg © 2006
  • 10. Profiles • Local Profiles • Roaming Profiles • Mandatory Profiles – Change ntuser.dat to ntuser.man • Default Profile – for new accounts • All Users Profile – for existing accounts • Profile properties – System Properties  User Profiles  Settings Eric Vanderburg © 2006
  • 11. Profile Folder • • • • • • • • • • • Application Data Cookies Desktop Favorites Local Settings – app data, history, temp My Recent Documents NetHood – My Network Places PrintHood – Printers Folder SendTo – program shell registrations Start Menu – shortcuts Templates Eric Vanderburg © 2006
  • 12. User Template • Configure with common settings • Copy when new users are added • Disable the template! Eric Vanderburg © 2006
  • 13. Command Line • Dsadd – create users – Dsadd user “cn=Eric Vanderburg, ou=faculty, dc=RemingtonCollege, dc=edu” –pwd password – memberof administrators –email evanderburg@gmail.com –disabled no • Dsmod – change properties & settings – Dsmod user “cn=Eric Vanderburg, ou=faculty, dc=RemingtonCollege, dc=edu” –phone “440-3762398” • Dsquery – Search – Dsquery user “dc=RemingtonCollege, dc=edu” Eric Vanderburg © 2006
  • 14. Command Line • Dsmove – change location – Dsmove “current ldap location” –newparent “new ldap location” • Dsrm – delete users, groups – Dsrm “ldap location” –noprompt – Dsrm –subtree -c “ldap location” –noprompt • Dsget user “ldap” -memberof – Find groups user belongs to Eric Vanderburg © 2006
  • 15. Command Line • CSVDE – export AD info to CSV file • LDIFDE – export AD info to LDIF (LDAP Interchange Format) file • Redirection – Send data out > – append >> – Bring data in < – Make output input cmd1 | cmd2 (ex: | more) Eric Vanderburg © 2006
  • 16. Account Policies • • • • Right click on an object (SDOU) Select Properties  Group Policy You will see the object link, click edit Under Computer  Windows  Security  Account Policies Eric Vanderburg © 2006
  • 17. Account Policies • Password Policies (History, Age, Length, Complexity, Encryption) • Account Lockout – Duration – length of lockout – Threshold – how many bad passwords locks out – Reset Counter - grace period • Kerberos Policy – – – – Enforce Logon Restrictions – check logon every time Service ticket max lifetime User ticket max lifetime – TGT life Tolerance of computer clock sync Eric Vanderburg © 2006
  • 18. Auditing • Audit account logon events • Computer  Windows  Security  Local Policies  Audit Policy  Audit Account Logon events Eric Vanderburg © 2006
  • 19. Acronyms • • • • KDC, Key Distribution Center NTLM, NT LAN Manager TGT, Ticket Granting Ticket TGS, Ticket Granting Service Eric Vanderburg © 2006