Archived from groups: microsoft.public.win2000.group_policy (
More info?)
That is fine. I hope the information helps!
--
Gary Mudgett, MCSE, MCSA
Windows 2000/2003 Directory Services
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bill Glidden" <bglidden@bigpong.net> wrote in message
news:u6ad96kbEHA.3524@TK2MSFTNGP12.phx.gbl...
> Thanks, Gary.
> I will have a look at gpresult and see what it tells me and read the
> references you have given me. I guess you can tell I am new to Group
Policy?
> Cheers,
> Bill
>
> --
>
>
> ---------------------------------------------------------------------
> "Are you still wasting your time with spam?...
> There is a solution!"
>
> Protected by GIANT Company's Spam Inspector
> The most powerful anti-spam software available.
>
http://mail.spaminspector.com
>
>
> "Gary Mudgett [MSFT]" <garymu@online.microsoft.com> wrote in message
> news:uo4J6OgbEHA.2816@TK2MSFTNGP11.phx.gbl...
> > It sounds like there might be a restricted group policy being applied to
> the
> > workstation. That would correspond to the accounts being removed when
you
> > reboot the machine because the policy would be re-applied. I would
> suggest
> > checking any GPO's that would apply to the machine for restricted group
> > policies for the groups you are interested in.
> >
> > You can check which policies you are getting security settings from by
> > running "gpresult /v" at a command prompt.
> >
> > The policy of interest would be in the following path:
> > Computer Configuration\Windows Settings\Security Settings\Restricted
> Groups
> >
> > 295771 SMS: A "Restricted Group" Policy May Prevent SMS Clients from
Being
> >
http://support.microsoft.com/?id=295771
> >
> > 320045 HOW TO: Restrict Group Membership By Using Group Policy in
Windows
> > 2000
> >
http://support.microsoft.com/?id=320045
> >
> >
> > --
> > Gary Mudgett, MCSE, MCSA
> > Windows 2000/2003 Directory Services
> >
> > =====================================================
> > When responding to posts, please "Reply to Group" via
> > your newsreader so that others may learn and benefit
> > from your issue.
> > =====================================================
> > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> >
> > "Bill" <Bill@discussions.microsoft.com> wrote in message
> > news
F4E6C23-AB4C-415D-9764-E1F0CCA34DF0@microsoft.com...
> > > Thanks for your response Jerold.
> > > Logged in as local Administrator, I added them using Computer
> Management,
> > Local Users and Groups, Right-click on <group>, Add to Group, Add, then
> > selecting domain user group or role, e.g. Domain Users or Authenticated
> > Users.
> > > Cheers,
> > > Bill
> > >
> > > "Jerold Schulman" wrote:
> > >
> > > > On Sun, 18 Jul 2004 22:16:01 -0700, "Bill"
> > <Bill@discussions.microsoft.com>
> > > > wrote:
> > > >
> > > > >When I add Domain Users to a local group (say Power Users) the
> setting
> > is not there after the workstation restarts. I have searched through
the
> AD
> > Policy settings on the w2k SBS and can't find anything which might be
> > resetting this. The default AD Group Policy settings are all 'not
> > configured'. There are no other Policies further down the AD tree. Two
> > questions:
> > > > >1. How can I permanently add Domain Users to a local group?
> > > > >2. If I have an application which requires local permissions to run
> > what is best practice for providing this?
> > > > >Any help gratefully received!
> > > > >Cheers,
> > > > >Bill
> > > >
> > > >
> > > > How are you adding them?
> > > >
> > > > On the local machine, try:
> > > >
> > > > net localgroup "Power Users" "DomainName\UserName" /add
> > > >
> > > >
> > > > Jerold Schulman
> > > > Windows: General MVP
> > > > JSI, Inc.
> > > >
http://www.jsiinc.com
> > > >
> >
> >
>
>
Facebook
Twitter
Instagram