Security and Assurance
Security and compliance in datacenters, private cloud and hosting environments.
-
`Actually I really don`t even know what your talking about I just want to be heard everywhere I go About a business poo poo`ed
My idea is this, Take all of your employees and retrain every one of them. Starting with " CUSTOMERS"The customer is always right. Once they get that down. Then stop there and have everyone drive to a mall close by, and just stop. Find some people and engage first with "WAIT A MINUTE" listen. What ever you were thinking to do or thinking what ever just wait. You should
nt be bummed. Don
t let it get you BUTT HURT. At least were on the right track. Once you start engaging with real people you
ll find that their…1 vote -
RDCMan doesn't expose an option for Restricted Admin
This might not be the most optimal place for this request, but it somewhat fits and I can't seem to find anywhere more suitable, plus RDCMan is an official Microsoft tool...
Remote Desktop Connection Manager (RDCMan) doesn't currently seem to expose the RDP Restricted Admin option.
This feature is great for secure remote server administration when you can't use PowerShell remoting - many such cases still exist!
It's probably not a huge task either, the GUI just needs a checkbox for the feature which is already implemented elsewhere.
8 votes -
Allow Windows Server 2016 to support disabling SMBv1 _and_ Server SPN target name validation
https://social.technet.microsoft.com/Forums/windowsserver/en-US/d520f2d4-4847-403d-bab6-1b33251a761c/issue-disabling-smbv1-and-windows-server-2016?forum=winserversecurity
On Server 2016, disabling (removing) SMBv1 and having Microsoft network server: Server SPN target name validation level = Required from client (2) are currently not “working together”, yet it works on the other Windows operating systems just fine.To recreate this:
1) Test with a Domain-joined Windows Server 2016 box
2) Remove-WindowsFeature FS-SMB1 on the Windows Server 2016 box
3) GPO set or reghack on the Windows Server 2016 box: Server SPN target name validation level = Required from client (2)
4) Reboot the Windows Server 2016Domain Admins are now unable to connect to the \Server2016\C$ default share…
8 votesChecking into this, thanks for mentioning.
-
Enhance the password complexity requirements
Give the possibility for admins to increase the numbers of character set combinations. Currently it is 3, but we would like to make it 4 and we can't. We are "forced" to invest in an external party creating custom password filters - from what I am reading in TechNet forums.
10 votes -
Add an option to require administrative password reset to honor password history
Windows supports two password APIs, change and reset. The change API honors password history, preventing users from re-using recent previous passwords. The reset API ignores password history and allows an administrator or e.g. help desk, to re-use a recent previous password. Add an option in Active Directory to force the reset API to also honor password history. The default should be that this option is disabled, an administrator CAN use a recent password, so it matches expected / current behavior. For Active Directory, this option should be available in the default domain policy and also in each password settings object…
4 votes
- Don't see your idea?