Local Security Policy

Archived from groups: microsoft.public.win2000.group_policy (More info?)

I need to set a local security policy on a stand alone
server. When I set it, the effective box is grayed out.
The domain policy is not set to no override, but it was
set at one time. This is a Windows 2000 domain with a
windows 2000 server.
5 answers Last reply
More about local security policy
  1. Archived from groups: microsoft.public.win2000.group_policy (More info?)

    You can not select the effective check box. Force a refresh of the policies
    on the machine and see if it checks the effective. If not then double check
    any other policies that apply to make sure that setting is set to not
    defined.

    "Barry" <anonymous@discussions.microsoft.com> wrote in message
    news:1c72f01c452e6$3f0bf340$a301280a@phx.gbl...
    > I need to set a local security policy on a stand alone
    > server. When I set it, the effective box is grayed out.
    > The domain policy is not set to no override, but it was
    > set at one time. This is a Windows 2000 domain with a
    > windows 2000 server.
  2. Archived from groups: microsoft.public.win2000.group_policy (More info?)

    I think I am not explaining myself very well.
    A domain policy is in effect to only allow certain users
    the right to log on locally to a server. On that server,
    there is a iuser_computer account that needs that right.
    Is there a way to grant that right to the local policy and
    have it be the effective policy?
    >-----Original Message-----
    >You can not select the effective check box. Force a
    refresh of the policies
    >on the machine and see if it checks the effective. If not
    then double check
    >any other policies that apply to make sure that setting
    is set to not
    >defined.
    >
    >"Barry" <anonymous@discussions.microsoft.com> wrote in
    message
    >news:1c72f01c452e6$3f0bf340$a301280a@phx.gbl...
    >> I need to set a local security policy on a stand alone
    >> server. When I set it, the effective box is grayed out.
    >> The domain policy is not set to no override, but it was
    >> set at one time. This is a Windows 2000 domain with a
    >> windows 2000 server.
    >
    >
    >.
    >
  3. Archived from groups: microsoft.public.win2000.group_policy (More info?)

    Create an Organizational Unit for that server. The create a new GPO for that OU and
    configure the logon locally user right to be what you want for computers in that OU
    and move the server into it. That user right configuration will then override your
    domain policy setting and become effective setting. There is no way to make Local
    Security Policy for that user right to be effective policy since you have it defined
    at the domain level.--- Steve


    "Barry" <anonymous@discussions.microsoft.com> wrote in message
    news:1d14401c45318$080eba80$a001280a@phx.gbl...
    > I think I am not explaining myself very well.
    > A domain policy is in effect to only allow certain users
    > the right to log on locally to a server. On that server,
    > there is a iuser_computer account that needs that right.
    > Is there a way to grant that right to the local policy and
    > have it be the effective policy?
    > >-----Original Message-----
    > >You can not select the effective check box. Force a
    > refresh of the policies
    > >on the machine and see if it checks the effective. If not
    > then double check
    > >any other policies that apply to make sure that setting
    > is set to not
    > >defined.
    > >
    > >"Barry" <anonymous@discussions.microsoft.com> wrote in
    > message
    > >news:1c72f01c452e6$3f0bf340$a301280a@phx.gbl...
    > >> I need to set a local security policy on a stand alone
    > >> server. When I set it, the effective box is grayed out.
    > >> The domain policy is not set to no override, but it was
    > >> set at one time. This is a Windows 2000 domain with a
    > >> windows 2000 server.
    > >
    > >
    > >.
    > >
  4. Archived from groups: microsoft.public.win2000.group_policy (More info?)

    No the domain policy takes effect over the local policy where the same user
    rights are defined. there is only replace at this time not a merge.

    "Barry" <anonymous@discussions.microsoft.com> wrote in message
    news:1d14401c45318$080eba80$a001280a@phx.gbl...
    > I think I am not explaining myself very well.
    > A domain policy is in effect to only allow certain users
    > the right to log on locally to a server. On that server,
    > there is a iuser_computer account that needs that right.
    > Is there a way to grant that right to the local policy and
    > have it be the effective policy?
    > >-----Original Message-----
    > >You can not select the effective check box. Force a
    > refresh of the policies
    > >on the machine and see if it checks the effective. If not
    > then double check
    > >any other policies that apply to make sure that setting
    > is set to not
    > >defined.
    > >
    > >"Barry" <anonymous@discussions.microsoft.com> wrote in
    > message
    > >news:1c72f01c452e6$3f0bf340$a301280a@phx.gbl...
    > >> I need to set a local security policy on a stand alone
    > >> server. When I set it, the effective box is grayed out.
    > >> The domain policy is not set to no override, but it was
    > >> set at one time. This is a Windows 2000 domain with a
    > >> windows 2000 server.
    > >
    > >
    > >.
    > >
  5. Archived from groups: microsoft.public.win2000.group_policy (More info?)

    So how do I get a local user log on as service rights?
    There is no account in Active Directory for a local user
    on a stand alone server.
    >-----Original Message-----
    >No the domain policy takes effect over the local policy
    where the same user
    >rights are defined. there is only replace at this time
    not a merge.
    >
    >"Barry" <anonymous@discussions.microsoft.com> wrote in
    message
    >news:1d14401c45318$080eba80$a001280a@phx.gbl...
    >> I think I am not explaining myself very well.
    >> A domain policy is in effect to only allow certain users
    >> the right to log on locally to a server. On that
    server,
    >> there is a iuser_computer account that needs that right.
    >> Is there a way to grant that right to the local policy
    and
    >> have it be the effective policy?
    >> >-----Original Message-----
    >> >You can not select the effective check box. Force a
    >> refresh of the policies
    >> >on the machine and see if it checks the effective. If
    not
    >> then double check
    >> >any other policies that apply to make sure that setting
    >> is set to not
    >> >defined.
    >> >
    >> >"Barry" <anonymous@discussions.microsoft.com> wrote in
    >> message
    >> >news:1c72f01c452e6$3f0bf340$a301280a@phx.gbl...
    >> >> I need to set a local security policy on a stand
    alone
    >> >> server. When I set it, the effective box is grayed
    out.
    >> >> The domain policy is not set to no override, but it
    was
    >> >> set at one time. This is a Windows 2000 domain with
    a
    >> >> windows 2000 server.
    >> >
    >> >
    >> >.
    >> >
    >
    >
    >.
    >
Ask a new question

Read More

Policy Security Windows 2000 Domain Servers Windows