|Microsoft Windows legal notice display not enabled (Legal Notice)|
|Risk Level:||Medium||Legal Notice|
|Platforms:||Microsoft Windows NT: 4.0, Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows 2003 Server, Microsoft Windows 7, Microsoft Windows Server 2008, Microsoft Windows Server 2008: R2, Microsoft Windows: Vista, Microsoft Windows Server 2012, Microsoft Windows 8|
The legal notice is not enabled at logon. Your security policy may require a warning notice that details site security policy.
Configure the system to display a legal notice at logon. Suggestions about text for notice banners can be found in CERT Advisory CA-92.19. See References. In Windows NT, this can be set using System Policy Editor or by editing the registry. In Windows 2000, set the Message title for user attempting to log on and the Message text for user attempting to log on options. Follow the steps below appropriate for your platform.
Note: If the computer is a member of a Domain, the domain policy has to be changed on the Domain Controller, or the policy at the Domain Controller takes precedence over the changes made on the computer.
For Windows NT:
If you have access to System Policy Editor, use it to set a notice banner on your system. Otherwise, add your banner in the registry.
CAUTION: Use Registry Editor at your own risk. Any change using Registry Editor may cause severe and irreparable damage and may require you to reinstall your operating system. Internet Security Systems cannot guarantee that problems caused by the use of Registry Editor can be solved.
For a Windows 2000 domain:
Note: If you set both the message title and text at the same time, there have been reported cases where one of them was not retained (saved). You may want to repeat this procedure, verifying that both changes were applied.
For a stand-alone Windows 2000 computer:
|Required Permission:||Windows login|
CERT Advisory CA-1992-19
CIAC Information Bulletin A-22
CIAC Information Bulletin J-043g
Know Your Risks
Common Vulnerabilties & Exposures