G
Guest
Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
Thanks for the reply
How do I apply a local group policy to a specific local group?
When on the domain, I can apply a policy to an OU and then put the
users into it, but how do you do this when you are on a standalone PC,
when there are no OUs.
I have posted this question to the
microsoft.public.windows.group_policy newsgroup and got completely
conflicting answers :
Group Policy is very limited for a non domain computer. You should
still be
able to use poledit on XP Pro if it suits your needs, I know it works
on
Windows 2000. If you have a copy of Windows 2000 Server it is installed
with
adminpak as described in the link below. I did try poledit on my XP
computer
and it did open after I also copied the common.adm and winnt.adm files
from
my W2K server to the \windows\inf folder on my XP Pro box. --- Steve
Help - just more confused now
Ben
Malke Wrote:
> brc wrote:
> -
>
> I need to create different levels of access to a standalone XP pro
> PC.
> Previously I used poledit on NT to create several user groups, each
> with different levels of access. With XP local group policy, it
> seems
> I only have two levels, those to whom to the policy is applied
> (users)
> and those who aren't (admins). Surely there is better access control
> than either you are an administrator or you are a restricted user??
>
> How can I create several levels, ie, Untrusted users (who have
> everything locked out), Trusted users (more access than untrusted
> users), Managers (have slightly more access, but not to everything),
> Administrators (access to everything)?
>
> If the PC was on a domain, it could be easily done, but it is a
> standalone PC. I could do it easily with poledit on win98 etc.
>
> -
> On the contrary, you can create very fine-grained permissions with the
> Group Policy Editor in XP Pro. Run gpedit.msc and do a lot of
> exploring
> there. You can create user groups that have specific permissions and
> then join appropriate users to those groups. Be very careful with the
> Group Policy Editor, however; you can easily forget to include
> yourself
> in your new group and be locked out.
>
> Malke
> --
> MS MVP - Windows Shell/User
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
--
brc
Thanks for the reply
How do I apply a local group policy to a specific local group?
When on the domain, I can apply a policy to an OU and then put the
users into it, but how do you do this when you are on a standalone PC,
when there are no OUs.
I have posted this question to the
microsoft.public.windows.group_policy newsgroup and got completely
conflicting answers :
Group Policy is very limited for a non domain computer. You should
still be
able to use poledit on XP Pro if it suits your needs, I know it works
on
Windows 2000. If you have a copy of Windows 2000 Server it is installed
with
adminpak as described in the link below. I did try poledit on my XP
computer
and it did open after I also copied the common.adm and winnt.adm files
from
my W2K server to the \windows\inf folder on my XP Pro box. --- Steve
Help - just more confused now
Ben
Malke Wrote:
> brc wrote:
> -
>
> I need to create different levels of access to a standalone XP pro
> PC.
> Previously I used poledit on NT to create several user groups, each
> with different levels of access. With XP local group policy, it
> seems
> I only have two levels, those to whom to the policy is applied
> (users)
> and those who aren't (admins). Surely there is better access control
> than either you are an administrator or you are a restricted user??
>
> How can I create several levels, ie, Untrusted users (who have
> everything locked out), Trusted users (more access than untrusted
> users), Managers (have slightly more access, but not to everything),
> Administrators (access to everything)?
>
> If the PC was on a domain, it could be easily done, but it is a
> standalone PC. I could do it easily with poledit on win98 etc.
>
> -
> On the contrary, you can create very fine-grained permissions with the
> Group Policy Editor in XP Pro. Run gpedit.msc and do a lot of
> exploring
> there. You can create user groups that have specific permissions and
> then join appropriate users to those groups. Be very careful with the
> Group Policy Editor, however; you can easily forget to include
> yourself
> in your new group and be locked out.
>
> Malke
> --
> MS MVP - Windows Shell/User
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
--
brc