Remove SID/User from a local Group Policy

Archived from groups: microsoft.public.win2000.security (More info?)

I am simply trying to remove some old SIDs from the "Log on as a
Service" policy. I'm using the Group Policy editor. There is only an
"Add" button when I Right click on the policy and choose "Security...",
but no "Remove".

I'm Logged into the machine (Win 2k SP4) as a Domain Admin. I have
also checked that there is no overiding GPO at the Domain level. Is
there a way to remove the SIDs?

Thanks in advance.
-Justin
1 answer Last reply
More about remove user local group policy
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    Normally if I can add or remove local and domain groups I can remove
    orphaned sids. Keep in mind that a sid showing could indicate a name
    resolution or network connectivity problem in the domain. If you are sure
    that you want to remove those sids you also could create a new security
    template with just that user right defined with the groups added then you
    want and then import that template. Also try logging on as the local
    administrator. --- Steve


    "Justin" <j.searles@verizon.net> wrote in message
    news:1110384029.503760.91420@z14g2000cwz.googlegroups.com...
    >I am simply trying to remove some old SIDs from the "Log on as a
    > Service" policy. I'm using the Group Policy editor. There is only an
    > "Add" button when I Right click on the policy and choose "Security...",
    > but no "Remove".
    >
    > I'm Logged into the machine (Win 2k SP4) as a Domain Admin. I have
    > also checked that there is no overiding GPO at the Domain level. Is
    > there a way to remove the SIDs?
    >
    > Thanks in advance.
    > -Justin
    >
Ask a new question

Read More

Policy Security Domain Windows