Re: Problem with password local security policy

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 11/18/05 

Date: Fri, 18 Nov 2005 11:38:51 -0600

In such case you could change the ntfs permissions on control.exe or add it
to the blacklisted applications in Group Policy under user
configuration/administrative templates/system - don't run specified Windows
applications. --- Steve

"kasommer" <kasommer@discussions.microsoft.com> wrote in message
news:31CF17E1-4746-4A7C-BA0B-83CA4E7D9CB9@microsoft.com...
> Same thing described in this thread that I started..
>
> http://www.microsoft.com/windowsxp/expertzone/newsgroups/reader.mspx?dg=microsoft.public.win2000.security&tid=fa69fa9f-9ab9-4992-834a-e7d3d4327adc&p=1
>
> I'm guessing the only answer is to not allow access to that control panel
> applet. Even then it can still be invoked by "control userpasswords"
>
>
>
>
> "GSelser" wrote:
>
>> At my company we have several systems that are stand alone windows 2000
>> pro
>> workstations. We have the local security policy set so that you have to
>> put a
>> password in that is 9 characters long. If you go to local user and groups
>> and
>> create a new user, it will not finish or complete if you do not assign a
>> password that is a least 9 characters long.
>> We found today that if you open the user and password applet in the
>> control
>> panel and click add under the user tab and go through the new user
>> wizard, it
>> will allow you to assign a blank password. This can only be done if the
>> account is created by a administrator.
>> What I need to know is why does it allow it when you use the applet and
>> not
>> when you use the local user and groups interface and is there a way to
>> disable or set it so that you cannot easliy create a new user with no
>> password.
>> These systems are for use in a closed environment and the company does
>> not
>> like that you can so easily create a blank password account.
>> Any suggestions will be appreciated.
>> Thanks
>> Glenn

Relevant Pages

  • local user in log on as service group polcy Event log error 1202
    ... We have a couple of servers that use a local user to log on as a service. ... This group policy applies to all servers in our ... security policies to these servers? ...
    (microsoft.public.win2000.group_policy)
  • Re: Prevent CD-ROM & Floppy access
    ... Hard to believe that Microsoft's so called 'powerful' Group Policy doesn't ... > require the use of third party tools as shown in the links below. ... > that have trial version time limited downloads. ... >> for the local user period ...
    (microsoft.public.win2000.group_policy)
  • Local & Group policy.
    ... I installed active directory then I attempted to remove ... In the process I lost my access to Local user and ... group policy. ...
    (microsoft.public.win2000.active_directory)
  • Re: logon scripts and workgroups ...
    ... but you'll have to set a logon script for each local user account - ... you can't do it with group policy or via AD. ...
    (microsoft.public.windows.server.general)