From: guzarva on 18 Dec 2007 18:33

"jwpsconsulting(a)gmail.com" wrote:
> Hi All,
>
> We had an intrusion into the network and now have a few issues.
> Primary is that Automatic Updates are not operating on the SBS
> server. It appears to be a group policy, but as yet I am unable to
> edit it, even logged on as Administrator. The SBS server is the DC
> and the results of gpresult are pasted below. The clients are relying
> on WSUS to push updates, and that is no longer happening. It is SBS
> Server SP1...if you think installing SP2 will help, I will proceed
> with that, but I fear the group policy will not change.
>
>
> Microsoft (R) Windows (R) Operating System Group Policy Result tool
> v2.0
> Copyright (C) Microsoft Corp. 1981-2001
>
> Created On 11/6/2007 at 11:37:54 AM
>
>
>
> RSOP data for BANKERSMUTUAL\Administrator on BANKERS-SBS : Logging
> Mode
> ------------------------------------------------------------------------
>
> OS Type: Microsoft(R) Windows(R) Server 2003 for
> Small Business Server
> OS Configuration: Primary Domain Controller
> OS Version: 5.2.3790
> Terminal Server Mode: Remote Administration
> Site Name: Default-First-Site-Name
> Roaming Profile:
> Local Profile: C:\Documents and Settings\Administrator
> Connected over a slow link?: No
>
>
> COMPUTER SETTINGS
> ------------------
> CN=BANKERS-SBS,OU=Domain Controllers,DC=BankersMutual,DC=local
> Last time Group Policy was applied: 11/6/2007 at 11:36:00 AM
> Group Policy was applied from: BANKERS-
> SBS.BankersMutual.local
> Group Policy slow link threshold: 500 kbps
> Domain Name: BANKERSMUTUAL
> Domain Type: Windows 2000
>
> Applied Group Policy Objects
> -----------------------------
> Small Business Server Auditing Policy
> Default Domain Controllers Policy
> Small Business Server Domain Password Policy
> Small Business Server Client Computer
> Small Business Server Remote Assistance Policy
> Small Business Server Lockout Policy
> Default Domain Policy
> Small Business Server Update Services Server Computers Policy
> Small Business Server Update Services Common Settings Policy
> Local Group Policy
>
> The following GPOs were not applied because they were filtered out
>
> -------------------------------------------------------------------
> Small Business Server Folder Redirection
> Filtering: Not Applied (Empty)
>
> Small Business Server Windows Firewall
> Filtering: Denied (WMI Filter)
> WMI Filter: PostSP2
>
> Small Business Server Internet Connection Firewall
> Filtering: Denied (WMI Filter)
> WMI Filter: PreSP2
>
> Small Business Server Update Services Client Computers Policy
> Filtering: Denied (Security)
>
> The computer is a part of the following security groups
> -------------------------------------------------------
> BUILTIN\Administrators
> Everyone
> BUILTIN\Users
> BUILTIN\Pre-Windows 2000 Compatible Access
> Windows Authorization Access Group
> NT AUTHORITY\NETWORK
> NT AUTHORITY\Authenticated Users
> This Organization
> BANKERS-SBS$
> Domain Controllers
> Exchange Domain Servers
> NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS
> Cert Publishers
> Exchange Enterprise Servers
> RAS and IAS Servers
>
> Resultant Set Of Policies for Computer
> ---------------------------------------
>
> Software Installations
> ----------------------
> N/A
>
> Startup Scripts
> ---------------
> N/A
>
> Shutdown Scripts
> ----------------
> N/A
>
> Account Policies
> ----------------
> GPO: Default Domain Policy
> Policy: MaxServiceAge
> Computer Setting: 600
>
> GPO: Default Domain Policy
> Policy: LockoutBadCount
> Computer Setting: 50
>
> GPO: Default Domain Policy
> Policy: MaxTicketAge
> Computer Setting: 10
>
> GPO: Default Domain Policy
> Policy: PasswordHistorySize
> Computer Setting: 24
>
> GPO: Small Business Server Domain Password Policy
> Policy: MinimumPasswordAge
> Computer Setting: N/A
>
> GPO: Small Business Server Domain Password Policy
> Policy: PasswordHistorySize
> Computer Setting: 24
>
> GPO: Default Domain Policy
> Policy: MaximumPasswordAge
> Computer Setting: 60
>
> GPO: Small Business Server Lockout Policy
> Policy: LockoutDuration
> Computer Setting: 10
>
> GPO: Small Business Server Lockout Policy
> Policy: ResetLockoutCount
> Computer Setting: 10
>
> GPO: Default Domain Policy
> Policy: MaxClockSkew
> Computer Setting: 5
>
> GPO: Default Domain Policy
> Policy: MinimumPasswordLength
> Computer Setting: 7
>
> GPO: Default Domain Policy
> Policy: MinimumPasswordAge
> Computer Setting: N/A
>
> GPO: Small Business Server Domain Password Policy
> Policy: MinimumPasswordLength
> Computer Setting: 7
>
> GPO: Small Business Server Lockout Policy
> Policy: LockoutBadCount
> Computer Setting: 50
>
> GPO: Default Domain Policy
> Policy: ResetLockoutCount
> Computer Setting: 10
>
> GPO: Small Business Server Domain Password Policy
> Policy: MaximumPasswordAge
> Computer Setting: 4294967295
>
> GPO: Default Domain Policy
> Policy: LockoutDuration
> Computer Setting: 10
>
> GPO: Default Domain Policy
> Policy: MaxRenewAge
> Computer Setting: 7
>
> Audit Policy
> ------------
> GPO: Default Domain Controllers Policy
> Policy: AuditPolicyChange
> Computer Setting: Success
>
> GPO: Default Domain Controllers Policy
> Policy: AuditPrivilegeUse
> Computer Setting: No Auditing
>
> GPO: Default Domain Controllers Policy
> Policy: AuditLogonEvents
> Computer Setting: Success
>
> GPO: Small Business Server Auditing Policy
> Policy: AuditDSAccess
> Computer Setting: No Auditing
>
> GPO: Default Domain Controllers Policy
> Policy: AuditAccountLogon
> Computer Setting: Success
>
> GPO: Default Domain Controllers Policy
> Policy: AuditObjectAccess
> Computer Setting: No Auditing
>
> GPO: Default Domain Controllers Policy
> Policy: AuditDSAccess
> Computer Setting: Success
>
> GPO: Default Domain Controllers Policy
> Policy: AuditAccountManage
> Computer Setting: Success
>
> GPO: Small Business Server Auditing Policy
> Policy: AuditLogonEvents
> Computer Setting: Success, Failure
>
> GPO: Default Domain Controllers Policy
> Policy: AuditProcessTracking
> Computer Setting: No Auditing
>
> GPO: Default Domain Controllers Policy
> Policy: AuditSystemEvents
> Computer Setting: Success
>
> User Rights
> -----------
> GPO: Default Domain Controllers Policy
> Policy: MachineAccountPrivilege
> Computer Setting: Authenticated Users
>
> GPO: Default Domain Controllers Policy
> Policy: DenyNetworkLogonRight
> Computer Setting: BANKERSMUTUAL\SUPPORT_388945a0
>
> GPO: Default Domain Controllers Policy
> Policy: RestorePrivilege
> Computer Setting: Server Operators
> Backup Operators
> Administrators
>
> GPO: Default Domain Controllers Policy
> Policy: TcbPrivilege
> Computer Setting: Backup Operators
>
> GPO: Default Domain Controllers Policy
> Policy: SystemProfilePrivilege
> Computer Setting: Administrators
>
> GPO: Default Domain Controllers Policy
> Policy: DenyServiceLogonRight
> Computer Setting: N/A
>
> GPO: Default Domain Controllers Policy
> Policy: ServiceLogonRight
> Computer Setting: NETWORK SERVICE
> Backup Operators
> BANKERSMUTUAL\ASPNET
>
> GPO: Default Domain Controllers Policy
> Policy: UndockPrivilege
> Computer Setting: Administrators
>
> GPO: Default Domain Controllers Policy
> Policy: CreatePermanentPrivilege
> Computer Setting: N/A
>
> GPO: Default Domain Controllers Policy
> Policy: AuditPrivilege
> Computer Setting: NETWORK SERVICE
> LOCAL SERVICE
>
> GPO: Default Domain Controllers Policy
> Policy: TakeOwnershipPrivilege
> Computer Setting: Administrators
>
> GPO: Default Domain Controllers Policy
> Policy: CreatePagefilePrivilege
> Computer Setting: Administrators
>
> GPO: Default Domain Controllers Policy
> Policy: EnableDelegationPrivilege
> Computer Setting: Administrators
>
> GPO: Default Domain Controllers Policy
> Policy: DebugPrivilege
> Computer Setting: Administrators
>
> GPO: Default Domain Controllers Policy
> Policy: SystemTimePrivilege
> Computer Setting: Server Operators
> Administrators
> LOCAL SERVICE
>
> GPO: Default Domain Controllers Policy
> Policy: DenyBatchLogonRight
> Computer Setting: N/A

From: guzarva on 18 Dec 2007 18:34

"Steve" wrote:
> What was the nature of the intrusion? Administrator account being logged in
> to?
>
> <jwpsconsulting(a)gmail.com> wrote in message
> news:1194378167.093825.304500(a)y27g2000pre.googlegroups.com...
> > Hi All,
> >
> > We had an intrusion into the network and now have a few issues.
> > Primary is that Automatic Updates are not operating on the SBS
> > server. It appears to be a group policy, but as yet I am unable to
> > edit it, even logged on as Administrator. The SBS server is the DC
> > and the results of gpresult are pasted below. The clients are relying
> > on WSUS to push updates, and that is no longer happening. It is SBS
> > Server SP1...if you think installing SP2 will help, I will proceed
> > with that, but I fear the group policy will not change.