Local v. Effective security setting
From: S. Shew (shew.1@osu.edu)
Date: 09/04/02
- Next message: Ron: "Administrative Access"
- Previous message: Eric Pearson: "win2000 domain controller"
- Next in thread: Terry Blankers: "Re: Local v. Effective security setting"
- Reply: Terry Blankers: "Re: Local v. Effective security setting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "S. Shew" <shew.1@osu.edu> Date: Wed, 04 Sep 2002 04:34:38 -0700
I have a user having problems with Local v. Effective Settings.
Win2000, SP2 (although SP3 has been installed and uninstalled).
Specifically, the effective setting for "Unsigned driver installation
behavior" (in Local Security Settings | Security Settings | Local
Policies | Security Options) is "Do not allow installation,"
regardless of what we set for Local Setting. This workstation
is a member of a small domain (one DC, no additional sites or
OUs set up), as far as I can see this option is not defined on
the domain, and other workstations in the domain do not have this
effective setting for this policy.
About the time the user applied SP3, he also applied several
of the standard security templates.
Using the Security Configuration and Analysis plug-in, we can get
the Computer Setting to be what we want, but the Effective Setting
in Local Security Settings stays Do not allow installation, and we
can't install an unsigned video card driver.
I know that domain settings trump local settings, but other domain
members don't have this policy set so restrictively.
Any thoughts greatly appreciated.
Thanks,
Sandy
- Next message: Ron: "Administrative Access"
- Previous message: Eric Pearson: "win2000 domain controller"
- Next in thread: Terry Blankers: "Re: Local v. Effective security setting"
- Reply: Terry Blankers: "Re: Local v. Effective security setting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
