Re: Workstation Security Policies & RSoP

Hello Matthew,

In AD create an OU named Test or what you like. Move a test workstation in it and a test user account. From here you can start with a GPO for all settings you want to try. Check the security tab from the policy, that domain users and domain workstations will apply the policy (or choose only the test machine and test user). Make sure that DNS is correctly setup for the client, only to point to your internal DNS server.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm

We are having issues being able to install a print driver on several
workstations unless an admin had it installed first.

So, to diagnose, I thought I would checkout the security polices on
those affected computers to see if anything goofy was going on. Well
there is.....

When I perform an RSoP on any workstation, under Computer
Config\Windows
Security\Security Settings the only sub items that are retrieved are:
Wireless Network, Public Key Policies, and Software Restrictions.
Account Policies, Local Policies, Event log, etc are all missing.
So I went to visit one of these workstations and performed a gpupdate
/force. Did not seem to resolve anything.

I then check some computers that haven't reported any printer issues,
and perform and analyzed the local security policies. To my surprise
I found those computer behind on security configurations. My practice
is to create a security policy on a workstation, and once satisfied,
import it into an AD GPO. I thought that was all that needed done to
enforce security policies to any AD workstations.

So I have 2 issues here, which may be related:
1) Something is going on in local security policies, as I am not
able to
retrieve the current settings via RSoP
2) My most recently security policies are not necessarily being
deployed
to all the workstations through Group Policy
I'm stumped enough right now that I don't even now what questions to
ask to move this forward. If anyone has any thoughts or questions to
help clarify this, please pass them on.

Thanks all for your help in advance....

Matt Miller
MCSE


.

Relevant Pages

  • Workstation Security Policies & RSoP
    ... workstations unless an admin had it installed first. ... affected computers to see if anything goofy was going on. ... So I went to visit one of these workstations and performed a gpupdate ... I thought that was all that needed done to enforce security policies ...
    (microsoft.public.windows.server.security)
  • Security Policy
    ... GPRESULT ... >Running Win2K3 domain, Win XP workstations: ... >How do test to see what security policies have been ...
    (microsoft.public.windows.server.general)
  • Re: Im Stumped...
    ... I attempt to access the server via the UNC path. ... On 6 workstations I had no problems but 2 of ... involved plus I didnt feel the problem was the account I was using since ... I tried renaming on of the computers, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Im Stumped...
    ... I attempt to access the server via the UNC path. ... involved plus I didnt feel the problem was the account I was using since it ... still do not see objects in the Computer container for the two workstations, ... I tried renaming on of the computers, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Im Stumped...
    ... I attempt to access the server via the UNC path. ... On 6 workstations I had no problems but 2 of ... involved plus I didnt feel the problem was the account I was using since ... I tried renaming on of the computers, ...
    (microsoft.public.windows.server.active_directory)