RE: [ActiveDir] XP Permissioning and Group Policy

[Kevin Sullivan]

Mario, this is sort of a stretch but having seen it before it can be a pain. Are you experiencing this on a test network? And if so is the Administrator’s password blank?   This setting “Computer Configuration\Security Settings\Local Policies\Security Options\Accounts: Limit local account use of blank passwords to console logon only”   It sounds like everything is working locally this is what made me think of this setting.   Kevin   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, August 25, 2004 4:12 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] XP Permissioning and Group Policy   The first thing I'd check is that the Domain Admins group is a member of the local Administrators group on all of those remote workstations because it sounds like they are not. However, assuming they are, there is probably no single place where this is being locked down but I would start by looking on the local GPO on a remote machine in : Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options to see if you have any specific policies set to prevent remote access to those resources.     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rosales, Mario Sent: Wednesday, August 25, 2004 12:06 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] XP Permissioning and Group Policy Ok here is what we have. This might be a little off topic but Hopefully with all the GPO experience here I could get some assistance.    Any Help would be appreciated.   1. XP SP1 Workstation on an NT 4.0 Domain 2. Workstation User and Domain Admins Have Administration Access to the Computer   Here is what happens   Workstation User logs on and everything works fine Domain Admin Logs in and everything works fine   Domain admin tries to remotely look at the registry and gets access Denied Domain Admin tries to remotely look at the event viewer and gets access Denied   Domain Admin tries to remotely look at the User accounts/Groups and gets access Denied     Is there a setting or LocalGroup Policy that might affect this computer in this way?   Any help is appreciated!   Thanks in advance   *************************************************************************** The contents of this communication are intended only for the addressee and may contain confidential and/or privileged material. If you are not the intended recipient, please do not read, copy, use or disclose this communication and notify the sender. Opinions, conclusions and other information in this communication that do not relate to the official business of my company shall be understood as neither given nor endorsed by it. ***************************************************************************