Desktop Security Practices

Andrea Tanner tanner at
Wed Sep 11 13:56:31 GMT 2002

We are reviewing our desktop security on Windows 2000 clients.
We are looking to make the following change to our Ghost image

1.  Configure Windows 2000 desktops to not cache NT domain login

Our rationale is that with recent hacks getting past our anti-virus
software and
loading trojans, we would like to prevent the hacker to crack the
password file.

We are writing our business case at this time.  We would like to know
any of you folks have implemented this type of policy on your Windows
desktops?  One roadblock is that if our NT domain goes down (rare)
people cannot
log into their computers.  This will also happen if a user has a local
problem (ie, bad network card of cable).  That is our main reason to
see if any
of you folks have implemented this. 

What about laptops that faculty use at home and on your nework?  If
you have
implemented this policy, do you exclude laptops?

Thank you!

Andrea Tanner Zsigo               Manager, Helpdesk and Desktop
tanner at               IT Help Desk
217 DHE                               Oakland University
248-370-4555                         Rochester, MI, USA   

More information about the unisog mailing list