Sign in with
Sign up | Sign in
Your question

Remove SID/User from a local Group Policy

Tags:
  • Policy
  • Security
  • Domain
  • Windows
Last response: in Windows 2000/NT
Share
March 9, 2005 11:00:29 AM

Archived from groups: microsoft.public.win2000.security (More info?)

I am simply trying to remove some old SIDs from the "Log on as a
Service" policy. I'm using the Group Policy editor. There is only an
"Add" button when I Right click on the policy and choose "Security...",
but no "Remove".

I'm Logged into the machine (Win 2k SP4) as a Domain Admin. I have
also checked that there is no overiding GPO at the Domain level. Is
there a way to remove the SIDs?

Thanks in advance.
-Justin

More about : remove sid user local group policy

Anonymous
a b 8 Security
March 10, 2005 12:42:11 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Normally if I can add or remove local and domain groups I can remove
orphaned sids. Keep in mind that a sid showing could indicate a name
resolution or network connectivity problem in the domain. If you are sure
that you want to remove those sids you also could create a new security
template with just that user right defined with the groups added then you
want and then import that template. Also try logging on as the local
administrator. --- Steve


"Justin" <j.searles@verizon.net> wrote in message
news:1110384029.503760.91420@z14g2000cwz.googlegroups.com...
>I am simply trying to remove some old SIDs from the "Log on as a
> Service" policy. I'm using the Group Policy editor. There is only an
> "Add" button when I Right click on the policy and choose "Security...",
> but no "Remove".
>
> I'm Logged into the machine (Win 2k SP4) as a Domain Admin. I have
> also checked that there is no overiding GPO at the Domain level. Is
> there a way to remove the SIDs?
>
> Thanks in advance.
> -Justin
>
!