Re: Security Config and Analysis issue


"Bryce" <Bryce@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:45EC0701-4CE4-47A2-B900-4688E6D828B4@xxxxxxxxxxxxxxxx
Hi,
Thanks for the response. After several tests, the apply and replace did
not
"apply and replace", it merged.
Changing to "propagate" actually replaced the settings. Go figure.


hmmm - that is quite bizzarre

If MMC v3 is still broken, then i will try to work around it. Would you
know of any free software that can perform the ntfs and registry security
comparisons?
No I do not, and even though the report (green checks, red x, counts) is a
bit brain-dead (and has been since initial release with W2k) it is quite
concise and useful. When I say brain-dead I am referring to how the
counts bubble up, which is (and has been acknowleged by MS to be)
less than accurate (or accurate as one would think the counts should
add up). At least one has a different way to drill into the permissions
now that that part is broken.

Roger

"Roger Abell [MVP]" wrote:

"Bryce" <Bryce@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:54064063-B0AF-4614-AB14-3835A222F46A@xxxxxxxxxxxxxxxx
Hi,
I have member servers that we want to roll out a custom security
template
to. We created the template and verified the settings. we can analyze
and
configure.
not all the settings take. the security permissions for the ntfs and
registry strings are not there.
when we re analyze we see a green check mark but when we go to the
location
(not in the mmc), we still see power users and others that should have
been
removed.

Are you choosing to apply and then replace or apply and then propagate
inheritables ?
Fron the expections your post seems to imply you would need to use the
first
of these.

also
if i try to view the properties of the security items in the mmc, i get
an
error message saying "MMC has detected an error in a snap-in. It is
recommended that you shutdown and restart the MMC.
Report error to MS and close
Ingnore and continue
this is server 2003 sp2 and i reviewed kb915797 and even tried the
hotfix
but does not install because i have sp2 which is newer than the hotfix
message appears.


I reported that to MS as needing to get fixed when mmc 3 first released,
but to my awareness that functionality remains broken without a fix.

any thoughts or suggestions. i am working in a test lab so if if craps
out
dont worry about it.





.

Relevant Pages

  • Re: Security Config and Analysis issue
    ... I have member servers that we want to roll out a custom security template ... We created the template and verified the settings. ... when we re analyze we see a green check mark but when we go to the ... (not in the mmc), we still see power users and others that should have ...
    (microsoft.public.windows.server.security)
  • Re: Security Config and Analysis issue
    ... Changing to "propagate" actually replaced the settings. ... If MMC v3 is still broken, then i will try to work around it. ... I have member servers that we want to roll out a custom security template ...
    (microsoft.public.windows.server.security)
  • Security Config and Analysis issue
    ... I have member servers that we want to roll out a custom security template ... We created the template and verified the settings. ... when we re analyze we see a green check mark but when we go to the location ... (not in the mmc), we still see power users and others that should have been ...
    (microsoft.public.windows.server.security)
  • Re: set local group policy using a script
    ... The settings I want to export and import is not the security settings. ... They are not listed in the "Security Templates" mmc!! ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: GPO Update Problem (SYSVOL access via UNC)
    ... Server Security and Auditing Policy ... This list only includes links in the domain of the GPO. ... The settings in this GPO can only apply to the following groups, users, ...
    (microsoft.public.win2000.group_policy)