Re: User rights assignment in XP Pro
From: Simon Pleasants (plesbit_at_hotmail.com)
Date: 03/11/04
- Next message: Lanwench [MVP - Exchange]: "Re: Run logon script automatically"
- Previous message: Victoria: "Self Booting PC"
- In reply to: matt: "RE: User rights assignment in XP Pro"
- Next in thread: Bruce Chambers: "Re: User rights assignment in XP Pro"
- Reply: Bruce Chambers: "Re: User rights assignment in XP Pro"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 11 Mar 2004 16:59:29 +0000
On Thu, 11 Mar 2004 08:16:06 -0800, "matt"
<anonymous@discussions.microsoft.com> wrote:
>I am having similar problems. Not sure if this answer helps you but I know that
>you can add various system rights to users and groups using the Local Security
>Policy console. This is located under Programs...Administrative Tools...Local
>Security Policy. You can add specific rights to a user or group that are not
>default without necessarily making users administrators on a machine. Create
>a new group, add your user to that group and then assign rights to that new
>group using the Local Security Policy console.
Thanks for the response. I have already tried this approach in full.
I am not too worried about, for example, changing the rights of an
individual user group at this stage (although I do know how to do it
should I want to). The problem is more the user groups to which the
users belong.
For example, all users are currently administrators. I want to demote
a specific user to a power user. How do I do it? Simple, in the
computer management console (Control Panel, Admin tools) I select the
user (under "users"), select "properties", the "member of" groups tab,
delete administrators from the list and add power users to it instead.
If you want to check it has worked, go to the groups option and check
the users listed as members in the properties of the power users
group. If the user you just added is listed there, it has worked.
The problem I have, is that XP is ignoring all user groups except
administrator and limited user. Since power users are not
administrators they are treated as limited users, rendering the
account useless. The only alternative I have at present is to set
them back to administrator and this is not acceptable under the
circumstances.
In short, I KNOW how to edit which users belong to which groups, and
even which groups can do what, but I cannot get Windows to recognise
anything except the limited users and administrators. Why not?
>By any chance would you know how to give users rights to manage system processes
>(suspend, kill, enable) without adding a user to the administrator group?
You could create a new group and allocate it the ability to do this
using the local security policy console. You can then assign the
user(s) you want to have this power to have membership of that group
(and cross check it by checking the user account seeing what groups it
is listed as being a member of).
Or so goes the theory - but since I can't get the damn thing to work
at all, it may be that you can't believe a word I said! It would work
in Win2k anyway!
Cheers
Simon
- Next message: Lanwench [MVP - Exchange]: "Re: Run logon script automatically"
- Previous message: Victoria: "Self Booting PC"
- In reply to: matt: "RE: User rights assignment in XP Pro"
- Next in thread: Bruce Chambers: "Re: User rights assignment in XP Pro"
- Reply: Bruce Chambers: "Re: User rights assignment in XP Pro"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
