RE: help me out

  • From: "Mark Cook" <mc@xxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 4 Jan 2006 14:39:22 -0000

Item (1) can be acheived through a password filter DLL rather than a custom 
Gina, this would be the better way to enforce this !  Check this MSDN acrticle 
for more info
 
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmgmt/security/password_filter_programming_considerations.asp
 
Also, consider how you 'securely' store 'all' previous passwords  !  You could 
also search google for password filter dll
 
Any further questions please drop me a mail off list at mark@xxxxxxxxxxx
 
HTH
 
Mark
 
 
 

________________________________

From: Dave Milne [mailto:davem@xxxxxxxxxxxxxx]
Sent: Wed 1/4/2006 2:32 PM
To: [ExchangeList]
Subject: [exchangelist] RE: help me out


http://www.MSExchange.org/


Try HP ProtectTools Authentication Services (used to be Compaq SE)

 

Dave

 

 

 

________________________________

From: Michael B. Smith [mailto:michael@xxxxxxxxxx] 
Sent: 04 January 2006 13:39
To: [ExchangeList]
Subject: [exchangelist] RE: help me out

 

http://www.MSExchange.org/

"There are seldom good technological solutions to behavioral problems." - Ed 
Crowley

 

Item (1) would require a custom msgina.dll. It would be a much better question 
for a NT-coders group than an Exchange group.

 

Items (2) and (3) have nothing to do with Exchange. They are manual business 
policies. They must be enforced through management.

 

________________________________

From: Dhirendra Kumar [mailto:msexchange.org@xxxxxxxxx] 
Sent: Wednesday, January 04, 2006 8:31 AM
To: [ExchangeList]
Subject: [exchangelist] help me out

 

http://www.MSExchange.org/ 

hi

 

   How can we set these policies

 

 1) Cyclical use of password restricted: 

      Privileged users (administrative ids like root, administrator, system, 
oracle etc) must never use the same password twice, i.e. their          
password must be unique every time. Other users must not repeat any of the 
previous 5 passwords. Wherever possible, the system must enforce such 
restrictions otherwise it is the user's responsibility to follow this 
procedure. 

 

2) Storage of Critical Passwords 

    Critical passwords (passwords for privileged Ids, generic Ids etc.) must be 
stored through Critical Password Control Documents.   Such passwords shall be 
recorded in specified forms and stored in two sets of envelopes (on-site and 
off-site).  Records shall be maintained of custody, changes in these passwords 
and movement of the envelopes.) 

 

3) Secure Conveyance of Passwords 

    Passwords should be conveyed to users in a secure manner. Passwords must 
never be disclosed via telephone or through third parties or through 
unprotected (clear text) electronic mails. If sent by mail or similar physical 
distribution systems, the mailings must have no markings indicating the nature 
of the enclosure 

------------------------------------------------------ List Archives: 
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: 
http://www.msexchange.org/pages/newsletter.asp 
------------------------------------------------------ Visit TechGenix.com for 
more information about our other sites: http://www.techgenix.com 
------------------------------------------------------ You are currently 
subscribed to this MSExchange.org Discussion List as: michael@xxxxxxxxxx To 
unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist 
Report abuse to info@xxxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as: 
davem@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to info@xxxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as: 
mc@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to info@xxxxxxxxxxxxxx 

Other related posts: