Programming4us
         
 
 
Windows

Windows 7 : Setting Account Policies (part 2)

12/23/2010 9:11:48 AM

Setting User Rights Policies

Windows 7 has a long list of policies associated with user rights. To see these policies, launch the Local Security Settings snap-in (select Start, type secpol.msc, and press Enter) and select Security Settings, Local Policies, User Rights Assignment, as shown in Figure 2.

Figure 2. In the User Rights Assignment branch, use the policies to configure the rights assigned to users or groups.


Each policy is a specific task or action, such as Back Up Files and Directories, Deny Logon Locally, and Shut Down the System. For each task or action, the Security Setting column shows the users and groups who can perform the task or to whom the action applies. To change the setting, double-click the policy. Click Add User or Group to add an object to the policy; or delete an object from the policy by selecting it and clicking Remove.

Setting Account Lockout Policies

Last of all, Windows 7 has a few policies that determine when an account gets locked out, which means the user is unable to log on. A lockout occurs when the user fails to log on after a specified number of attempts. This is a good security feature because it prevents an unauthorized user from trying a number of different passwords.

To see these policies, launch the Local Security Settings snap-in (select Start, type secpol.msc, and press Enter) and select Security Settings, Local Policies, Account Lockout Policy, as shown in Figure 3.

Figure 3. In the Account Lockout Policy branch, use the policies to configure when an account gets locked out of the system.


There are three policies:

  • Account Lockout Duration— This policy sets the amount of time, in minutes, that the user is locked out. Note that, to change this policy, you must set the Account Lockout Threshold (described next) to a nonzero number.

  • Account Lockout Threshold— This policy sets the maximum number of logons the user can attempt before being locked out. Note that after you change this to a nonzero value, Windows 7 offers to set the other two policies to 30 minutes.

  • Reset Account Lockout Counter After— This policy sets the amount of time, in minutes, after which the counter that tracks the number of invalid logons is reset to zero.

Other -----------------
- Windows 7 : Creating and Managing User Accounts (part 2) - Working with the User Accounts Dialog Box
- Windows 7 : Creating and Managing User Accounts (part 1)
- Windows Vista : Managing Local Logon Accounts
- Windows Vista : User Accounts and Groups
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 7)
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 6)
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 5) - WF Programming Model
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 4) - Activities
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 3) - Workflow Persistence
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 2) - Workflows
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 1) - WF Architecture
- Windows 7 : Creating and Enforcing Bulletproof Passwords (part 3) - Recovering from a Forgotten Password
- Windows 7 : Creating and Enforcing Bulletproof Passwords (part 2) - Taking Advantage of Windows 7’s Password Policies
- Windows 7 : Creating and Enforcing Bulletproof Passwords (part 1)
- Windows 7 : Understanding User Account Control (part 3) - User Account Control Policies
- Windows 7 : Understanding User Account Control (part 2) - Configuring User Account Control
- Windows 7 : Understanding User Account Control (part 1) - Elevating Privileges
- Windows 7 : Encrypting a Disk with BitLocker (part 2) - Enabling BitLocker on a System Without a TPM
- Windows 7 : Encrypting a Disk with BitLocker (part 1) - Enabling BitLocker on a System with a TPM
- Windows 7 : Securing the File System - Encrypting Files and Folders
 
 
Most View
- An OLAP Requirements Example: CompSales International (part 13) - Cube Perspectives
- SQL Server 2008: Security and User Administration - Managing SQL Server Logins
- Exchange Server 2010 : Availability Planning for Mailbox Servers (part 6) - Controlling Database Activation
- Windows Server 2008 : Disaster Scenario Troubleshooting
- Windows 7 : Configuring Internet Explorer Security - Enhancing Your Browsing Privacy (part 4) - InPrivate Browsing and Filtering
- SQL Azure Backup Strategies (part 1) - Copying a Database
- SharePoint 2010 : Change the Document Template for the New Button in a Document Library
- Windows 7: Setting Up a Peer-to-Peer Network (part 1) - Changing the Computer and Workgroup Name
- Exchange Server 2007 : Create Resource Mailboxes
- Scripting Windows 7 with WSH : Programming the WshShell Object (part 1)
Top 10
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 3) - Configuring Recipient Filtering
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 2)
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 1)
- Implementing Edge Services for an Exchange Server 2007 Environment : Installing and Configuring the Edge Transport Server Components
- What's New in SharePoint 2013 (part 7) - BCS
- What's New in SharePoint 2013 (part 6) - SEARCH
- What's New in SharePoint 2013 (part 6) - WEB CONTENT MANAGEMENT
- What's New in SharePoint 2013 (part 5) - ENTERPRISE CONTENT MANAGEMENT
- What's New in SharePoint 2013 (part 4) - WORKFLOWS
- What's New in SharePoint 2013 (part 3) - REMOTE EVENTS