Video Screencast Help

legalnoticecaption & legalnoticetext in Windows 2008 still Red

Created: 25 Mar 2011 • Updated: 25 Mar 2011 | 2 comments

Hi, 

Enterprise Security Manager (ESM) reports that a host computer does display a Windows Legal Notice at logon and confirmed that the computer does display a notice.

Data has been supplied already "ALERT" but still appeared the Registry value set to incorrect data.

See the actual report below. I've also attached the screenshot.

********************************************************

HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \ legalnoticecaption

 

Data: ALERT!
 
expected data to match regular expression:
^Logon Notice$
 
comment: Interactive logon: Message title for users attempting to log on must read "Logon Notice"
*******************************************************

*******************************************************

HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \ legalnoticetext

 

Data:
Warning: These facilities are solely for the use of authorized employees or agents of the Company,its subsidiaries and affiliates. Unauthorized use is prohibited and subject to criminal and civil penalties. Individuals using this computer system are subject to having all of their activities on this system monitored and recorded by systems personnel.
 
expected data to match regular expression:
^Warning: These facilities are solely for the use of authorized employees or agents of the Company, its subsidiaries and affiliates. Unauthorized use is prohibited and subject to criminal and civil penalties. Individuals using this computer system are subject to having all of their activities on this system monitored and recorded by systems personnel.$
 
comment: Interactive logon: Message text for users attempting to log on
*******************************************************
 
Hope you can help me on this issue.
 
Many thanks!
 
 
Best Regards
Jon

Comments 2 CommentsJump to latest comment

kevin_stultz's picture

The ESM policy which assessed your server was configured to look for specific registry value settings.  For the two registry keys in the reports your server does not match the value that is specified.  You will need to either change the registry key values to match what is expected or work with the team that sets the company policy to change the requirement/configuration of the ESM registry template.