Re: security policy

From: Nick Finco [MSFT] (nfinco_at_online.microsoft.com)
Date: 06/10/03

• Next message: Steven L Umbach: "Re: Disabling file & print sharing"
• Previous message: Steven L Umbach: "Re: Undoing local policies"
• In reply to: Moises: "security policy"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 9 Jun 2003 17:27:14 -0700

Unchecking this policy to 'undefine' it won't remove it from the win2k
clients. The setting that you set on them originally will stay there. You
need to set this setting to 0 to turn off this feature, let that propagate
throughout your domain, and then uncheck the setting (after a couple days).
That way your clients have the setting turned off via Group Policy before
you remove the setting from policy.

N

-- 
This posting is provided "AS IS" with no warranties, and confers no rights.
Any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Moises" <wdrago77@hotmail.com> wrote in message
news:026501c32c6d$7d2aa4f0$a501280a@phx.gbl...
Hi:
I have a Domain controller, which had the Domain security
policy configured with some policies like the account
lockout threshold with the option to lock out the account
with three invalid logon attempts. I unchecked this option
because IŽd wanna this policy  Žd be undefined , but when
I analized the policies with the Security Configuration
and Analisys I saw that the Database Setting wasnŽt
defined but the Computer setting was defined with the
fisrt configuration (three invalid logon attempts). I did
the secedit command to force the new configuration but it
doesnŽt change.
Also I saw at the Domain Controller security policy and
local security policy and the account policies were
undefined.
Could you help me to refresh the policies and apply the
last configuration at the computer setting and not only to
the database setting?
Thanks
Moises

• Next message: Steven L Umbach: "Re: Disabling file & print sharing"
• Previous message: Steven L Umbach: "Re: Undoing local policies"
• In reply to: Moises: "security policy"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Do Not Execute Group Policy for Admins Group ... The intent of policy loopback is to replace or merge user configuration ... The computer configuration settings from this list are applied to the ... > so that the group policy will only apply to a certain group of users ... (microsoft.public.win2000.group_policy) Re: More than one GPO on the same OU ... How does the Group Policy 'No Override' and 'Block Inheritance' work? ... NO OVERRIDE option of a GPO ... > COMPUTER CONFIGURATION ... [Christoffer Andersson] ... (microsoft.public.win2000.group_policy) Re: GPO Question ... If you only have the computer account in the OU, the User Configuration half ... of the policy won't apply. ... OU heirarchy below) to which the GPO is linked for it to apply. ... > Group Policy was applied from: ... (microsoft.public.win2000.group_policy) Re: Difference between Computer and User confiiguration ... From the description of loopback it is exactly what I want. ... User policy only applies to user accounts, and if the GPO is linked to an OU ... under user configuration to a machine OU? ... configuration settings higher precedence. ... (microsoft.public.windows.group_policy) RE: Outlook on startup cannot shutdown ... using the default policy. ... > outlook to run when user boot up the computer and do not allow them to ... This setting appears in the Computer Configuration and User ... > starts the programs specified in the User Configuration setting. ... (microsoft.public.windows.server.sbs)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint