|
From your description I can’t tell
what parts of policies you are trying to configure, but there are a few other
things to keep in mind here. (we are talking on a workgroup) 1) you cannot [feasibly] apply local user settings to specific users
using the below method – if you configure local user policy you configure
it for all of the users. There is a KB article (that I can’t seem
to find currently, sorry) that details a tedious method to go about setting a
restricted policy, logging on as a user, logging back on as the administrator, resetting
the policy, modifying permissions to the policy files, and so on – but I
could not get it to work in practice – especially from an automated
standpoint. I used reg files in the end, applied to individual users. 2) You can use good ol’ poledit from NT4, it will still set
policies for local users in XP, believe it or not, for different users and
groups. I shuddered at using an NT4 tool and stayed away from it J 3) You can use reg load to load up user hives in a script if you need
to, and apply settings, and unload them – just remember to unload them or
Windows will create a new and unrestricted profile for that user next time
he/she logs on [thank you for playing] 4) You can look at Shared Computer Toolkit, I haven’t played
with it enough to verify but the guys at MS said you could configure it using a
command line. In a workgroup environment it’s worth a look, anyway. If you need more help on this, I have a
fair bit of experience doing it [unfortunately], feel free to ask. Rich ----------------------------------------------------------------------- From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Secedit will work for security settings
but not administrative template settings. The only way to script getting admin
template settings in a local GPO to multiple machines is to copy the
underlying registry.pol key that stores those settings once you set them on
your "master" machine. There are two registry.pol files within the
local GPO, assuming you've set both Computer and User Admin Template policy.
These files are found at c:\windows\system32\grouppolicy\machine\registry.pol
and c:\windows\system32\grouppolicy\user\registry.pol. First copy these files
to your target machines. Then on your target machines, take a look at the file
called gpt.ini found in c:\windows\system32\grouppolicy. That ini file will
contain a version number key that will have a value. You'll need to increment
that value by at least 1 after copying the new registry.pol files onto each
machine, so that the machine knows that it has new local policy settings to
process. Darren From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] In the past, I have used secedit to do
this. See below for correct syntax. Check out the help for secedit for further
info. neil ___________________________ From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mitch Reid Hi, I'm in an environment where I need to apply/configure policies
locally on XP-SP2 computers. PLEASE READ: The information contained in this email is
confidential and intended for the named recipient(s) only. If you are not an
intended recipient of this email please notify the sender immediately
and delete your copy from your system. You must not copy, distribute or take
any further action in reliance on it. Email is not a secure method of
communication and Nomura International plc ('NIplc') will not, to the extent
permitted by law, accept responsibility or liability for (a) the accuracy or
completeness of, or (b) the presence of any virus, worm or similar malicious
or disabling code in, this message or any attachment(s) to it. If
verification of this email is sought then please request a hard copy. Unless
otherwise stated this email: (1) is not, and should not be treated or relied
upon as, investment research; (2) contains views or opinions that are
solely those of the author and do not necessarily represent those of NIplc;
(3) is intended for informational purposes only and is not a recommendation,
solicitation or offer to buy or sell securities or related financial
instruments. NIplc does not provide investment services to private customers.
Authorised and regulated by the Financial Services Authority. Registered in
no. 1550505 VAT No. 447 2492 35. Registered Office: 1
|
