Re: Deploy a local policy
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Thu, 1 Dec 2005 23:01:03 -0700
Get a GPO defined and linked to your OU and write of its
settings within that GPO delegated to you.
The above is AD level 101. Those controlling the enterprise
need to understand that and leverage what is Windows to
enble you in your work. Feel free to forward the comment.
Otherwise, you could define a security template and then
use secedit at each machine to import it into the local security
policy. Regretfully, as you do not have access to startup
script policies for the machines, you would have to do this
by being innovative or by visiting 600 machines.
Now, you do not say what reg keys you were touching,
but if they are ones with /Policies/ in their path, and you are
finding that your changes to values do not stick, then doing
as just outlined for adjustment of local policy will yield no joy.
That your manual changes do not stick shows that they are
being controlled by AD based GPO policy settings.
Your solution is in getting the domain admins to delegate
as the Windows architecture allows and intends.
--
Roger Abell
Microsoft MVP (Windows Server : Security)
"HEGMS" <HEGMS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:70B1EEE9-6E44-42DE-A0E5-8F172D101E4A@xxxxxxxxxxxxxxxx
> Hello,
>
> I need to change the local policy of all my computers in my domain. I've
> try
> to change directly the registry value, but when I check in gpedit.msc the
> value are not change.
>
> How can I do to change local policy of 600 computers without reinstalling
> them ? I also don't have access to the Global Policy tools. I can manage
> my
> OU but not policies :(
>
> Regards
> HEGms
.
- Prev by Date: Re: force physical memory dump without rebooting
- Next by Date: Re: Why is MS04-011 (KB835732) not included in current MS05-05X updates?
- Previous by thread: Re: Deploy a local policy
- Next by thread: Apply IPSec policy per user, not per computer
- Index(es):
Relevant Pages
|
