Jeffrey's+Wiki


 * ICAIS3120C **

** Configure and Administer a Network operating system ** ** Formative Assessment Part-5 **

//The following wiki page will help you complete ICAIS3120C Formative Assessment Part-5.//

The first task asks you to document your group changing the Group Management Policy to make users on the sever have to change their passwords every 45 days and also wants you to make it that new user to the server have to change their passwords upon login.

The first thing you will need to do is go into Administrate Tools > Group Management Policy, then from there you need to go into Forest: Lan7 > Lan7 > Group Policy Objects and then right clicked on Default Domain Controller Policy and then from there you need to go to Polices > Windows Settings > Security Settings > Account Policies > Password Policy. From here you will need to change the "Maximum Password Age" to 45 days so that the password will reset after that set amount of time. After this you need to go back to Default Domain Policy and do the same of what you did with the Default Domain Controller Policy.

Then after you need to go into the Active Directory and make a new user in an Organisation Unit, you then need to make a user by right clicking and going to New > User. Then you can name the user what ever you find is needed, gave him a simple password and make sure that the box with "User Much Change Password on Login" is ticked. After this is finished you can go to a client's computer that is hooked up to the server and check to see if everything is as it should be.

Task two arks document your group about how they go about configuring a Domain Controller Security Policy to audit failed login events and then how they go about showing the results of the failed audit events in the event viewer. To set up the auditing to accept failures you will need to go into Group Policy Management and then go to Forest Lan 7 > Domains > Lan 7 > Group Policy Objects and then right clicked on Default Domain Controller Policy and the go to edit. Then from here you will need to go into Polices > Windows Settings > Security Settings > Local Policies > Audit Policies. Then from here you will need to right click and change the setting of the first, third, fourth and fifth detect failures. Then you will need to go back to the Group Policy Management and do the same thing for Default Domain Policy. After this you will need to go into Administrative tools > Event Log and then the Event Viewer window appeared and you will need to go into Windows logs > Security. Then you will need to right clicke on security and go to filter and change the filter setting so that it would filter everything but failed log in attempts. Lastly you will need to clear the Security log and then test it by having one of your users try to login using the wrong password and then check to see if it has worked.

Task three asks you to document how your group would go about making a legal notice appear when one of your users tries to login from one of your domain workstations. The first thing you will need to do is go into Group Policy Management in Administrate Tools. Then from here you will need to go to Forest: Lan7 > Domains > Lan7 > Default Domain Policy. Then you will need to go to Policies > Windows Settings > Security settings > Local Policies > Security Options then you will need to look for and active two polices that are "Interactive Login: Message text for users attempt tying to log on Policy" and "Interactive Login: Message title for users attempt tying to log on Policy" (note that you are required to type in what you want to have in your legal notice here). Then you will need to make your User disjoin the Domain and rejoin it and the legal notice will appear.

The next following tasks will not need you to be part of a group but can be done if wanted. Task four ask you to go onto the internet and look for a utility that will help you be able to test passwords strengths. A site that can be very useful in finding out how strong people’s password are and is known for being a secure site is: [].This is a very useful site because it give people tips to help improve their passwords and also as stated is a secure site.

The final task to be done in this formative is Task five. Task five wants you to role-play, that you are working as a Information Technology Administrator and ask you a question about whether it is a good idea to delete user accounts when that user has left the organisation. This task is mostly about your option about the subject and should be how you deal with the situation. For idea I have put what I had in my answer. I think it can be a good idea to delete user’s account when they leave the organisation because it will save space on the hard drive. But before you delete any user account it is a good idea to save any information that could be useful in the future. Also people should wait a week to a month before deleting the account because that person might come back and get their information or if someone else needs that information who has the right permission to access it.