Local Security Policy problem - Reverts after reboot - xp sp2

---

• From: boyleyc@xxxxxxxxx
• Date: 24 Nov 2006 07:27:36 -0800

---

Hi all

I have the post XP SP2 problem on various machines on our network,
whereby the following permissions are missing from the Local Security
Policy :

Create Global Objects
Impersonate a Client After authentication

This causes numerous problems such as search doesnt work, no icons in
network connections folder, basically all those acknowleded in MS KB
article 916254 or here http://support.microsoft.com/kb/916254.

Now we dont have an Active Directory domain (We use Novell), so
policies can be changed locally on individual machines (we use Zen to
push registry fixes but DONOT push GP policies as we are putting AD in
soon). However the fix is to add service, administators & interactive
to both groups. Works fine......until after the second reboot, which
then reverts back to the original settings of blank on both policies.

I have disabled virus software, zen, novell, firewall, and done many
other suggestions in various newsgroups that i have found.

Even if i amend a different policy it still reverts back to the old one
after a reboot.

Has anybody got a fix or reason as to why i cannot change the local
security policy.

Also as part of the troubleshoot i have run gpresult which tells me
that the rsop is coming locally rather than from a network source
(obvious as no domain is present , but rules out influence via zen or
novell)

Thanks in advance

Chris
NHS Trust

.

---

• Prev by Date: Re: Startup help
• Next by Date: Re: Administrator password required, but I never set one!
• Previous by thread: Re: Reinstalled Windows - old my docs file still there, but can't acc
• Next by thread: Cached Passwords lost when workstation password is changed
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: EventID 1054 from Userenv for startup script ... So if you said "some machines don't have full access to the network ... at startup" the GPO's seems not to apply correct. ... startup script policy. ... (microsoft.public.windows.group_policy) Re: Big networking problems ... network, and thus the internet, but cannot connect to the home computer. ... Administrative Tools in my home comp, Local Security Settings, Local ... Saying "Could not assign Local Policy setting. ... (microsoft.public.windowsxp.network_web) Re: restricting certain machines. ... addresses to machines that have approved mac addresses, ... I believe there are switches that can control access by mac tables ... authentication [AH header policy could be created, ... unauthorized computer on your network puts your whole network at risk for ... (microsoft.public.win2000.security) RE: policy to enable login after network connection !! how ? ... Usually XP clients login with "Fast Login Optimization" engine. ... the users to wait till they got connect to Wireless network, ... Always wait for network before Logon> this policy only belongs to local ... Run Gpresult /v on one of the non-working machines and double check ... (microsoft.public.windows.server.active_directory) Re: [fw-wiz] Firewalling at the domain users level instead of network level ... > users" level instead of network or ip level. ... If the firewall has to ask ... other machines on the network about information (such as looking up IP ... The second concern is a matter of policy: why do you want your firewall ... (Firewall-Wizards)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)