Policy - Security Confugration and Analysis

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hello

I was researching on how to secure a stand alone XP computer and i found an
article on microsoft site
(http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/xpsgch05.mspx)

I followed the step to create a new secuirty database that are described
under "Chapter 5 / Improting Security Templates into Windows XP / Creating
secuirty database"
I only wanted to see what kind of secuirty settings this will bring in.
Instead of Analyzing it i ran CONFIGURE option. Any non admistrator account
that logs onto my computer has all sorts of secuirty setting such ", Read
only premission to Program Files folders, password expires in 42 days etc".

Question: Is there way i can undo this policy settings that i applied... ??

Thanks
Uday
1 answer Last reply
More about policy security confugration analysis
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "leo" <leo@discussions.microsoft.com> wrote in message
    news:B299CCDA-A7EC-48CE-8856-2E17BF169387@microsoft.com...
    > Hello
    >
    > I was researching on how to secure a stand alone XP computer and i found
    an
    > article on microsoft site
    >
    (http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/xpsgc
    h05.mspx)

    > I followed the step to create a new secuirty database that are described
    > under "Chapter 5 / Improting Security Templates into Windows XP / Creating
    > secuirty database"
    > I only wanted to see what kind of secuirty settings this will bring in.
    > Instead of Analyzing it i ran CONFIGURE option. Any non admistrator
    account
    > that logs onto my computer has all sorts of secuirty setting such ", Read
    > only premission to Program Files folders, password expires in 42 days
    etc".

    Actually, the 42-day password change is a default for limited users on Win2K
    and XP Pro. And the other thing you mentioned, Program Files is read-only,
    is also the default.

    Programs designed for XP should still work with these restrictions in place,
    as it's part of the testing for the Logo. The rest? If I had my way I'd
    throttle their programmers.

    > Question: Is there way i can undo this policy settings that i applied...
    ??

    I get the impression you didn't make any actual changes at all, rather,
    you're starting to use limited accounts for the first time and are running
    into their default security settings.

    There should be a "default" template that changes the security settings for
    Program Files, Documents and Settings, and Windows back to their
    installation defaults. But that's the settings you just described.

    --
    PGP key (0x0AFA039E): <http://www.pan-am.ca/consulting@pan-am.ca.asc>
    Prevent problems before they happen and help others avoid bad design.
    <http://www.pan-am.ca/antiwindowscatalog/>
Ask a new question

Read More

Security Microsoft Windows XP