Re: Remove SID/User from a local Group Policy
From: Justin (j.searles_at_verizon.net)
Date: 03/10/05
- Next message: shawn: "make one group a member of another"
- Previous message: Justin: "Re: Remove SID/User from a local Group Policy"
- In reply to: Steven L Umbach: "Re: Remove SID/User from a local Group Policy"
- Next in thread: Steven L Umbach: "Re: Remove SID/User from a local Group Policy"
- Reply: Steven L Umbach: "Re: Remove SID/User from a local Group Policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 10 Mar 2005 13:40:08 -0800
I had the "Local Policy Setting" unchecked. I've run secedit, and
rebooted but to no avail. The sids continue to hang around. The
"Effective Policy Setting" is always checked and grayed out. The
output from gpresuts is (slightly edited for security):
*******************************************************************************
*******************************************************************************
Microsoft (R) Windows (R) 2000 Operating System Group Policy Result
tool
Copyright (C) Microsoft Corp. 1981-1999
Created on Thursday, March 10, 2005 at 4:28:38 PM
Operating System Information:
Operating System Type: Server
Operating System Version: 5.0.2195.Service Pack 4
Terminal Server Mode: Remote Administration
###############################################################
User Group Policy results for:
Domain Name: DOMAIN
Domain Type: Windows 2000
Site Name: Default-First-Site-Name
Roaming profile: (None)
Local profile: C:\Documents and Settings\Administrator.DOMAIN
The user is a member of the following security groups:
DOMAIN\Domain Users
\Everyone
BUILTIN\Users
BUILTIN\Administrators
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
\LOCAL
###############################################################
Last time Group Policy was applied: Thursday, March 10, 2005 at 3:33:59
PM
###############################################################
Computer Group Policy results for:
Domain Name: DOMAIN
Domain Type: Windows 2000
Site Name: Default-First-Site-Name
The computer is a member of the following security groups:
BUILTIN\Administrators
\Everyone
NT AUTHORITY\Authenticated Users
###############################################################
Last time Group Policy was applied: Thursday, March 10, 2005 at 3:34:55
PM
Group Policy was applied from: ipcs-dev4.DOMAIN.com
===============================================================
The computer received "Registry" settings from these GPOs:
Local Group Policy
===============================================================
The computer received "Security" settings from these GPOs:
Local Group Policy
===============================================================
The computer received "EFS recovery" settings from these GPOs:
Local Group Policy
This is a pretty simple group of lab machines three machines in all
******************************************************************************
******************************************************************************
Does this tell us anything about whether the policy is being overriden.
I did look through the domain policies and everything appeared to be
"Not Defined" I specifically check the "Log on as Service" policy and
I'm sure that one is "Not Defined" at the Domain Level. I've installed
these few machines myself and they are in their own forest. As far as
I know there are no overriding policies. How would I check at the next
level up (the OU)?
Thanks again for your time.
-Justin
- Next message: shawn: "make one group a member of another"
- Previous message: Justin: "Re: Remove SID/User from a local Group Policy"
- In reply to: Steven L Umbach: "Re: Remove SID/User from a local Group Policy"
- Next in thread: Steven L Umbach: "Re: Remove SID/User from a local Group Policy"
- Reply: Steven L Umbach: "Re: Remove SID/User from a local Group Policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
