Welcome to my NT Administration page. This page contains some NT administration scripts that I've made, as well as some very useful tool that I've found out there that can ease an NT administrator's life. Mail me back if you have any comments, suggestions, etc.

Here's a preliminary list:

• High Security file & directory permissions script, which will (hopefully) lock down your NT machine from malicious users (or hackers). Please DONT run this script before editing it to see what it does, and how. Requires the following NT security tools and the popular 4NT shell (both shareware)
• NT Security tools by Keith Woodard - Very nice set of command line tools for manipulating file, directory and registry settings (local or remote). Get them! (shareware)
• A policy template addon that adds some extra functionality regarding some Internet Explorer paths (away from C:\WINNT, at last!!), the ability to terminate apps automatically, some network entries to prevent from DoS attacks, DNS service manipulation, and Samba SP3 "plaintext" passwords fix.
• Free NT Tools homepage A very nice set of GUI utilities for the administration (local&remote) of WinNT machines, covers most basic and some advanced settings an administrator must make. Authors: Falk Schmal and Torsten Sprejz
• dummy_user_settings.txt Some suggested registry changes for Internet Mail and News, Windows Address Book and Microsoft Office 95 & 97 in order for them to work in a "tight" environment (ie. where %SystemRoot% is locked for read-only access), in the form of a Kixtart script (a very famous logon script processor, you can find it inside the NT Resource Kit), but WARNING: Kix32 must be run from a shortcut in "StartUp", because only then is the user profile fully loaded.
• reg_perms.cmd A registry permissions script that will hopefully lock down your Registry to a level that will prevent ordinary users to add new Classes (i.e. Install new programs and/or change default file associations)
• content_types.reg Some suggested additions to your registry that will disable default "Open" actions for certain file types, especially .cmd/.bat/.reg/.lnk files by assigning them to the non harmful MIME type "text/plain". In that way, when a user clicks on a link to e.g. a .reg file, and he/she has selected to no be asked whether to Open the file or Save it, he/she will just view the file instead of executing it.

P.S.: I hate adding legal stuff on the bottom of my documents, but that's neccesary for short-minded people called market managers and their lawyers (corporate lawyers, that is).