Contact info for Tech Philly
Home  •  Contact  •  Services  •  Support

  login:        
  password:  
            Tech Solutions
     

PC Upgrades Upgrades
Data Recovery Data Recovery
Computer Repair, Maintenance, and update Maintenance
Security From Viruses, Hackers, and Spyware Security
Network Solutions Networks
Website Search Engine Optimization Google Rank Increase Websites
Computer Repair Philadelphia Gateway Compaq Custom Systems

  • Location Service
  • 24/7 Help
 
 

Philadelphia Computer Tech Support
 
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

Kerberos Policy
Policy for Kerberos in Windows 2000 is set at the domain level. As a matter of fact, Microsoft uses the word
“domain” instead of “realm” when referring to Kerberos policy. Kerberos policy is stored within Active
Directory, and only members of the Domain Admins group are allowed to change the policy. Figure 3.10
shows the options available in the Kerberos policy for the domain. The default settings are the default for
Windows 2000 Server beta 3.
Figure 3.10 This is the default Kerberos Domain Policy.
The settings included in the Kerberos Domain Policy are:
• Enforce user logon restrictions
• Maximum lifetime that a user ticket can be renewed
• Maximum service ticket lifetime
• Maximum tolerance for synchronization of computer clocks
• Maximum user ticket lifetime
Enforce user logon restrictions is enabled by default and is used to validate every request for session tickets
by making sure that the client has the correct user rights for logging on the destination server. This setting
can be disabled; it takes extra time to perform and may slow down network performance.
The maximum lifetime that a ticket can be renewed setting is set in days. A reasonable setting is seven days
for this attribute.
The maximum service ticket lifetime is set in minutes. Do not let the term “service ticket” confuse you; it is
just the name Microsoft decided to use for session tickets. The setting for the lifetime of the service ticket
cannot be more than the time specified in the maximum user ticket lifetime or less than ten minutes. A
reasonable setting for this option is to make it the same as the maximum user ticket lifetime.
The maximum tolerance for synchronization of computer clocks setting determines how much difference in
the clocks is tolerated. This setting is in minutes, and five minutes is a reasonable setting.
The maximum user ticket lifetime is set in hours. Microsoft has decided to use the term “user ticket,” but in
Kerberos terms it is a TGT. A reasonable setting is 10 hours for this attribute.
It is easy to change an attribute by double-clicking the attribute and changing the setting, as shown in Figure
3.11.
Figure 3.11 This is the way to change the setting for the maximum lifetime that a user ticket can be renewed
attribute.
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

 
 
 
 
  Home Contact Data Recovery Search Engine Web Design/Hosting Networks

Serving the Philadelphia area with the best in tech service and support. 		     
  Related Info:
-Microsoft shows off new Windows smartphones
Microsoft Corp showed off prototype phones featuring its new mobile software to Wall Street analysts on Thursday but is yet to set a date for their rollout beyond availability this holiday shopping season.
-Microsoft talks up tablets shows off new phones
Microsoft Corp set out its ambitions to dominate the consumer electronics market on Thursday with Windows-powered tablet computers and smartphones designed to beat back advances by Apple Inc and Google Inc.
-Microsoft to Push Harder for Cloud
Microsoft is shifting its strategy away from pitching itself as a company that can offer companies a choice of software or hosted services toward pushing the cloud an executive said on Thursday at the software giant's annual financial analyst meeting.
-Microsoft working for tablet release
Microsoft chief Steve Ballmer says developing Windows-based tablet computers is 'job one urgency'
-Microsoft's 'Avatar' Project Builds on 'Kinect'
While Microsoft's Kinect for its Xbox 360 game console uses your body movements as input the opposite may eventually be true: Microsoft debuted a video of a robotic "avatar" that may interact with humans.
-Microsoft COO: 'We Are Going To Lead With the Cloud'
Microsoft COO: 'We Are Going To Lead With the Cloud'
-Microsoft Sees Rosy PC Growth
Microsoft is eyeing a big pile of PC-related software revenue spelling good news for Intel and H-P.
-Microsoft COO Admits Mistake Pledges to 'Lead with the Cloud'
Microsoft executives pledged to "lead with the cloud" on Thursday acknowledging that offering business customers a choice between packaged software and cloud-based services had been a mistake.
-Microsoft's Ballmer Says Tablet Computers `Top of Mind' Amid Apple Success
Microsoft Corp. Chief Executive Officer Steve Ballmer said tablet computers are a big issue for him as Apple Inc. seized the momentum in a category Microsoft has worked on for more than a decade.
-Microsoft CEO: Tablets are 'job one' for company
Microsoft Corp. Chief Executive Steve Ballmer stresses to Wall Street analysts that the development of tablet computers outfitted with the company's software is "one of the top issues on my mind."
Live.

Tech Philly Custom Systems Data Recovery Emergency Service Maintenance Network Service Onsite Service Repair Security Software Spyware Upgrades Viruses Website Design Website Hosting Wireless Computer