You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
97 lines
2.8 KiB
97 lines
2.8 KiB
; Copyright (c) Microsoft Corporation. All rights reserved.
|
|
;
|
|
; Security Configuration Template for Security Configuration Editor
|
|
;
|
|
; Template Name: DCFirst.INF
|
|
; Template Version: 05.00.DF.0000
|
|
;
|
|
; Contains Default Policy Settings for Windows NT 5.0 Domain Controller.
|
|
; This template is NOT used by SCE during setup
|
|
; This template is applied via GP during Winlogon for the first DC in a Tree
|
|
; This template should NOT be used on Workstations or Servers.
|
|
;
|
|
; Please DO NOT EDIT version section.
|
|
;
|
|
[version]
|
|
signature="$CHICAGO$"
|
|
revision=1
|
|
|
|
[Kerberos Policy]
|
|
; in hours
|
|
MaxTicketAge=10
|
|
; in days
|
|
MaxRenewAge=7
|
|
; in minutes
|
|
MaxServiceAge=600
|
|
; in minutes
|
|
MaxClockSkew=5
|
|
; enforce user logon restrictions = yes
|
|
TicketValidateClient=1
|
|
|
|
;----------------------------------------------------------------------
|
|
; Restricted Groups
|
|
;----------------------------------------------------------------------
|
|
[Group Membership]
|
|
;Accounts Created During Server Role are Maintained so ignore groups.
|
|
|
|
;Operational Groups
|
|
;%SceInfBackupOp%__Memberof =
|
|
;%SceInfBackupOp%__Members =
|
|
;%SceInfGuests%__Memberof =
|
|
;%SceInfPrintOp%__Members =
|
|
;%SceInfReplicator%__Memberof =
|
|
;%SceInfReplicator%__Members =
|
|
;%SceInfServerOp%__Memberof =
|
|
;%SceInfServerOp%__Members =
|
|
|
|
;Account Groups
|
|
;%SceInfAccountOp%__Memberof =
|
|
;%SceInfAccountOp%__Members =
|
|
;%SceInfAdmins%__Memberof =
|
|
;%SceInfAdmins%__Members = %SceInfAdministrator%, %SceInfDomainAdmins%
|
|
;%SceInfDomainAdmins%__Memberof =
|
|
;%SceInfDomainAdmins%__Members = %SceInfAdministrator%
|
|
;%SceInfDomainGuests%__Memberof =
|
|
;%SceInfDomainGuests%__Members = %SceInfGuest%
|
|
;%SceInfDomainUsers%__Memberof =
|
|
;%SceInfDomainUsers%__Members = %SceInfAdministrator%
|
|
;%SceInfUsers%__Memberof =
|
|
;%SceInfUsers%__Members = %SceInfDomainUsers%
|
|
;%SceInfGuests%__Members = %SceInfDomainGuests%
|
|
;%SceInfPrintOp%__Memberof =
|
|
|
|
[System Access]
|
|
;----------------------------------------------------------------
|
|
;Account Policies - Password Policy
|
|
;----------------------------------------------------------------
|
|
MinimumPasswordAge = 1
|
|
MaximumPasswordAge = 42
|
|
MinimumPasswordLength = 7
|
|
PasswordComplexity = 1
|
|
PasswordHistorySize = 24
|
|
RequireLogonToChangePassword = 0
|
|
ClearTextPassword = 0
|
|
|
|
;----------------------------------------------------------------
|
|
;Account Policies - Lockout Policy
|
|
;----------------------------------------------------------------
|
|
;No Account Lockout
|
|
LockoutBadCount = 0
|
|
|
|
;The following are not configured when No Account Lockout
|
|
;ResetLockoutCount = 30
|
|
;LockoutDuration = 30
|
|
|
|
|
|
;----------------------------------------------------------------
|
|
;Local Policies - Security Options
|
|
;----------------------------------------------------------------
|
|
;DC Only
|
|
ForceLogoffWhenHourExpire = 0
|
|
|
|
;NewAdministatorName =
|
|
;NewGuestName =
|
|
;SecureSystemPartition
|
|
|
|
|
|
|