Xerox Print Advisor Support & Software 安装指南
Preparing For Installation
10
Print Advisor Installation Guide
Applying Security Settings
If your organization does not currently have security policies in place for locking down service
accounts, Xerox
®
recommends at a minimum that you apply the following settings:
Account
Settings
User Account
Set Password to never Expire.
Use complexity requirements:
Use complexity requirements:
• Minimum Password Length 8 with Special Characters).
• Avoid using these special characters: \ “ < > | & (A password with
• Avoid using these special characters: \ “ < > | & (A password with
these characters cannot be passed on the command line when you
attempt to create an Administrative Installation Point.)
Group Policy
Deny logon locally (User Rights Assignments).
Disable
Disable
Shut Down the System (User Rights Assignments).
Account Lockout Policy (three invalid attempts lock the account for
10 minutes).
Requires Logon as a Service (User Rights Assignments).
Deny log on through Terminal Services (User Rights Assignments).
Disable
Requires Logon as a Service (User Rights Assignments).
Deny log on through Terminal Services (User Rights Assignments).
Disable
Allow Logon Locally (User Rights Assignments).
Set options to
Enforcement (no override). Takes precedence over any
Group Policy Object linked to child containers.
Set Block inheritance flag.
Create account as an Organization Unit-controlled subtree.
Enable auditing on controlled subtree.
Use the
Set Block inheritance flag.
Create account as an Organization Unit-controlled subtree.
Enable auditing on controlled subtree.
Use the
AdminSDHolder function; compares the privilege level every
hour and ensures that the settings have not been altered.