Re: Login Banner

[Gene <gyoo () attbi com>]

Todd Plesco wrote:
> Sharon,
>
> Here is a sample message: 
> Authorized Use Only! 
>
> You must be assigned an account to access this computer and the network.
> The information on this computer and network is the property 
> of this organization and is protected by intellectual property rights. 
> Anyone using this system expressly consents to their activities being monitored. 
>
> The Graphical Identification and Authentication (GINA) at login that is displayed can be interpreted as 
> an invitation to breach system security. The "Welcome" caption on the dialog box cannot be changed. 
> However, you can enable a warning message dialog box to be displayed. 
>
> NOTE: This dialog box is presented to the user after they press CTRL+ALT+DEL and before the logon dialog 
> box is presented. 
>
> Windows NT and Later
> To enable a warning message to be displayed, make the following changes to the registry: 
> Start Registry Editor.
> > From the HKEY_LOCAL_MACHINE subtree, go to the following subkey:
> SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 
> Add or modify the following values:
>       Name                 Data Type   Value
>                 -----------------------------------------------
>                 LegalNoticeCaption   REG_SZ      Dialog Caption
>                 LegalNoticeText      REG_SZ      Dialog Message
>
>
> Windows 95 and Windows 98
> To enable a warning message, modify the following registry key: 
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon 
> The string values will appear on the logon banner.
>
> Example: 
> "LegalNoticeCaption"="Important Notice:"
> "LegalNoticeText"="No Unauthorized access allowed" 
>
>
>
> On Fri, Dec 20, 2002 at 02:11:02PM -0500, sharon_joyner () timeinc com wrote:
>
> > Hello List,
> >
> > We have a small network consisting of an NT 4.0 Server with Win95, Win98
> > and W2k workstations connected to it. There are three versions of a
> > login banner popping up on these workstations and we need to standardize
> > to the one "official" version. We've changed the banner on the server,
> > but this has only changed some workstations. Most still have their old
> > login banner displaying. Can anyone tell me how can we push out the
> > changed login banner to all workstations?
> >
> > I've been doing mainframe (acf2/racf) security for 10 years and just
> > started working on our NT environment (didn't lose the MF resonsibility,
> > though), so I apologize if this question is overly simplistic. Please be
> > kind.
> >
> > Sharon Joyner, CISSP
> > IS Security Administrator
> > WPS, Tampa
> > 813-664-8147
> > Sharon_joyner () timeinc com
> >
> > -----------------------------------------------------------------------
> >
> > This message is the property of Time Inc. or its affiliates. It may be
> > legally privileged and/or confidential and is intended only for the use
> > of the addressee(s). No addressee should forward, print, copy, or
> > otherwise reproduce this message in any manner that would allow it to be
> > viewed by any individual not originally listed as a recipient. If the
> > reader of this message is not the intended recipient, you are hereby
> > notified that any unauthorized disclosure, dissemination, distribution,
> > copying or the taking of any action in reliance on the information
> > herein is strictly prohibited. If you have received this communication
> > in error, please immediately notify the sender and delete this message.
> > Thank you.

i think the requestor is looking for a mechanism such as hyena or other 
proprietary tool from netiq, etc... to push the changes throughout.  of 
course you could use the ad gpo, but since the environment is hybrid, a 
small cost effective tool like hyena should be sufficient going forward 
with their nt/2000 environment...

gene

--
<gyoo [at] attbi [dot] com>