Kerberos by Garman Jason

Kerberos by Garman Jason

Author:Garman, Jason. [Jason Garman]
Language: eng
Format: epub
Tags: COMPUTERS / Security / General
ISBN: 9781449390778
Publisher: O'Reilly Media
Published: 2010-03-24T16:00:00+00:00


Open MMC and load the Active Directory Users and Computers snap-in.

Right-click on your domain, and choose Properties.

Select the Group Policy tab.

Select the Default Domain Policy GPO, and click Edit.

Navigate to Computer Configuration → Windows Settings → Security Settings → Event Log → Settings for Event Log.

You will now see the window shown in Figure 6-6.

Figure 6-6. Active Directory Group Policy event log settings

By double-clicking on Maximum security log size, you’ll be presented with a dialog box. Click “Define this policy setting” and set a maximum size (in this case, 10240 Kbytes). If you would like to change the log retention options, you can change the “Retain security log” and “Retention method for security log” settings in this window.

Next we’ll enable auditing for our domain. There are two different auditing options included in Windows, rather obscurely named “logon auditing” and “account logon auditing.” They both audit authentication requests, however, they audit different parts of the login process, and store the information on different hosts. Confused yet? Let’s take a look at the two choices:

Logon Auditing

This setting toggles the auditing of local Windows login events. These login events are not constrained to Kerberos-based logins; logon auditing will record login events for every type of authentication that Windows supports, such as NTLM. This type of logging is similar to a Secure Shell (or other application-level) log on a Unix box; it records the start and finish of a user’s login session. Therefore, logon auditing occurs on the individual servers that users log in to, and the corresponding audit logs only appear in that server’s Event Log.



Download



Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.