I’ve just covered off Local and System Policies, so now I know where those system admins set those annoying password policies that make you come up with something brand new (and less and less secure) by remembering the last 20 passwords and making them last only 30 days. Oh and apparently there are things called GPOs (Group Policy Objects) which aren’t used to buy stamps.
Password policy options such as “Enforce Password History” remembers a specified number of passwords, “Maximum Password Age” keeps the password for a number of days. Although annoying from a user perspective, and consequently making a bit of a mockery of strong password choice, I’m impressed at the number of policy items up for grabs in 2000, which is after all a few years old now. And again impressed at the tools available to help the guys trying to keep their servers up and running despite the best efforts of the users.
The Security Configuration and Analysis tool is an excellent tool for checking how well you’ve spread the multitude of policies in meeting a standard. All top stuff. On to Managing disks now, which looks like it will be fun.