Windows

General discussion

Locked

Ed Bott's Microsoft Challenge -- 1/20/00

By ebott ·
Do you know how to keep from falling into three common Setup traps? I?m looking for the correct solution to these three problems:
1. You want your users to set strong passwords that can?t be cracked through dictionary attacks. What?s the undocumented command-line option that lets you automatically assign a strong password to a given user account?
2. Inaccurate time settings can wreak havoc on a network. What?s the best way to guarantee that all Windows 2000 PCs on a domain are set to the correct time?
3. How big is Windows 2000?s default swapfile? How do you change its size?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by rog42 In reply to Ed Bott's Microsoft Chall ...

#1. There are numerous answers already given, and the question throws a slight slant in that it requires a strong password for a 'given' user. However, I think the command line answer you require is:
NET ACCOUNTS /MINPWLEN:number /MAXPWAGE:days /MINPWAGE:days /UNIQUEPW:number /DOMAIN

#2: 3 ways - a) using DHCP set a time server (NTP) b) In Active directory set a computer group policy for the site to use a time server c) Without ADS or DHCP create a login script with the command NET TIME /DOMAIN

#3: Default swap file is 1.5xRAM min - 3xRAM max. To change - Right-click My Computer - Properties - Advanced - Performance Options - Change (in Virtual Memory Tab) change the numbers and click Set

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by mikemayer In reply to Ed Bott's Microsoft Chall ...

1. use passprop /complex

2. use net time

3. 1.5 time RAM size, ControlPanel/system/Adv/proformance/Virtual memory

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by rbarrett In reply to Ed Bott's Microsoft Chall ...

Question 3.
The default size is indeed
Min 1.5 x amount of physical ram
Max 3x amount of physical ram
To change it goto the advanced tab of the system properties (right click on My Computer), then performance options and virual memory.

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by michael.b.simmons In reply to Ed Bott's Microsoft Chall ...

1. You can use secedit using one of the 4 following templates:
securews.inf
securedc.inf (I assume for a domain controller)
hisecwe.inf
hisecdc.inf
For example:
C:\WINNT>cd %windir%\security\templates
C:\WINNT\security\templates>secedit /configure /db new.db /cfg securews.inf /areas SECURITYPOLICY /verbose

Task is completed successfully.
See log %windir%\security\logs\scesrv.log for detail info.

2.Windows 2000 ships with the W32Time (Windows Time) service. A hierarchical approach is taken to assigning time:

? All clients desktops and member servers use their authenticating domain controller as their in-bound time partner
? All domain controllers in a domain use the Primary Domain Controller (PDC) Flexible Single Master of Operations (FSMO) as the in-bound time partner
? The PDC FSMO's use the domain hierarchy to pick their in-bound time partner

Obviously this means the PDC FSMO becomes the authoritative time source for the enterprise and should be configured to gather the time fro

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by michael.b.simmons In reply to Ed Bott's Microsoft Chall ...

Looks like my original response exceeded 1000 chars, so I'll continue w/ #2:
Obviously this means the PDC FSMO becomes the authoritative time source for the enterprise and should be configured to gather the time from an external source. Until this is done you will see events in the Event Log stating the W32Time service is not configured.

To configure Windows 2000 to use an external time server use the command:
C> net time /setsntp:192.4.41.40
There are a number of external time servers you can use based at the U.S. Naval Observatory
? ntp2.usno.navy.mil - 192.5.41.209
? tick.usno.navy.mil - 192.4.41.40
? tock.usno.navy.mil - 192.5.41.41

3. If you're talking about the paging file, then: Windows 2000 sets the initial paging file size to one and a half times the amount of physical RAM in the computer. You'd change this from Control Panel\System\Advanced\Performance Options\Virtual Memory.

Collapse -

Ed Bott's Microsoft Challenge -- 1/20/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Related Discussions

Related Forums