About Windows Home Server Security Tips
As great a product Windows Home Server (and its successors) is it does suffer from one category that probably should have been given a little more attention to and that is security. Now before I get the riot act of “It was designed for the ease use of your average Home User” from the Windows Home Server Community I want to acknowledge that yes I understand that but I still think more should have been done to lock the operating system down more from “unwanted” cyber snooping. Luckily for us Windows Home Server and it’s successors are actually modified versions of Microsoft premium line of Server operating systems Windows Server 2003 SP2 and Windows Server 2008 R2 which means that it can been be configured to do so. So, in the next several months I will be publishing different articles of how to better manage the security of your Windows Home Server along with its newer editions Windows Home Server 2011 and Windows Storage Server 2008 R2 Essentials. Since Windows Home Server is also used for Small businesses as well as the Home Office, Business owners may want to incorporate some of these security methods to better protect their data as well.
Introduction
In the 1st of our Windows Home Server Security Tips I’m going to go over is how to force change newly created accounts initial passwords upon logging into your home server for the first time. This method is nothing new which most of you System Administrators (Windows or otherwise) that are reading this article can attest to and have been using this method for decades. There are two main reasons you would want to do this, One the intended user can choose a password that they can hopefully remember it and two you as the family or small business administrator don’t have to send a permanent password to where it could be possibly be intercepted by an unknown third party.
What version of Windows Home Server does this pertain to?
This pertains to Windows Home Server (Now commonly known as Version1); while the steps are similar for Windows Home Server 2011 and Windows Storage Server 2008 R2 Essentials there are some steps that are different and it is recommend that this article is to be used only for Version 1 of Windows Home Server.
Disclaimer and Recommendations
While the methods and steps have been tested in a non-production environment to work as written within this article I take no responsibility and the user shall bare full responsibility if there are any repercussions from using the information of this article. It is also further advised to backup your server first before proceeding with any of the steps within this article.
Procedure
1. While the first part of this can be done from the Home Server Console on your client PC it is recommended that you either Remote Desktop or Directly Console into your Home Server for the entire process.
2. Click on the “Home Server Console” Icon on your home server desktop and wait for it to open
3. Proceed to create a new user account as shown in this following How To article provided by MysticGeek from HowtoGeek.com. You can safely ignore the rest of the how to geek article since we need only to create a user account. REMEMBER to give the account you are creating an easy initial logon password (Example: Password1234), the whole reason for this drill is for the end user to change the initial password. Upon completion close the Home Server Console.
4. Now “Right Click” On the “My Computer” icon and click on “Manage”.
5. Within the “Computer Management” snap-in go to “System Tools” and then click on “Local Users and Groups”
Nice article, thanks for the WHS revisit.
I’m assuming you can take this one step further by increasing the password complexity ?
I had orginally was going to make one huge article on account policies to include passowrd complexicty, auditing, how many times you enter the password wrong etc… but thought it would be easier for people to read it in parts and not one big huge article. ALso WHSV1 is still a great OS and has some benifits that WHS2011, especially in backing up Windows Server Clients.
Once again great article right at the heart of WHS…Security. With the basics of this article it wasn’t difficult to zero in on the procedure for WHS2011. Keep em’ coming ITBeast
Like I said in the article the steps are not that different for WHS 2011 and Windows Storage Server 2008 R2 Essentials but I want the novice reader to read my upcomming article that specifically covers the differences in those 2 OS’S.
Nice to know I have you as such a devoted fan Mikmock, thanks for sticking by me.