[windows2000] Windows cached credential security issue
- From: Anthony Abraham <AABRAHAM@xxxxxxxxxxxxx>
- To: "'windows2000@xxxxxxxxxxxxx'" <windows2000@xxxxxxxxxxxxx>
- Date: Wed, 11 Feb 2004 17:20:31 +1100
Hi
Can anyone tell me if there is an AD policy that allows me to delete locally
cached profiles automatically after x days?? . There is a bug where if an
AD user is deleted or disabled, a user can theoretically log on locally with
cached credentials. We don't want to disable cached credentials - these are
obviously useful if the AD servers are unavailable.
From my testing, a user can logon with cached credentials indefinately.
Passwords will not expire either and they can still map a drive to the
server where their home drive is at
In an ideal world, it would be great to have a policy that deletes locally
cached profiles if it hasn't been updated within 7 days - has anyone
accomplished this?
Thanks
Anthony
________________________________________________________
NOTICE
The information in this email and or any of the attachments may contain;
a. Confidential information of Credit Union Services Corporation (Australia)
Limited (CUSCAL) or third parties; and or
b. Legally privileged information of CUSCAL or third parties; and or
c. Copyright material of CUSCAL or third parties.
If you are not an authorised recipient of this email, please contact CUSCAL
immediately by return email or by telephone on 61-2-8299 9000 and delete the
email from your system.
We do not accept any liability in connection with computer virus, data
corruption, interruption or any damage generally as a result of transmission of
this email.
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
