Re: Allow log on locally in Default Domain Controller Policy.
- From: "zenner" <zenner@xxxxxxxxxxx>
- Date: Wed, 08 Jun 2005 20:17:15 GMT
Is your DC also serving double duty as possibly a File or Printer server?
Your System Administrator may have an explanation, if you are not the
sysAdmin...then ask him or her (respectfully, if possible.) if they knew
about it and/or intended to include domain users in the "logon locally"
permission list, and if so...why?
Asked in the right way you may get an explanation that is reasonable, given
the circumstances of your companies environment.
Even the best guidelines have exceptions...that's why the are called
Guideline, instead of rules.
"Rebsu" <Rebsu@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BD38617E-5A13-4A21-A5D1-A7EB4A732294@xxxxxxxxxxxxxxxx
>I was looking over our group policy settings while studying for 70-292 and
> noticed that the group Domain Users is included in the Allow log on
> locally
> setting in the Default Domain Controller Policy. Is this ok or dangerous?
> Is it necessary? DCs are 2003 standard.
.
- Follow-Ups:
- References:
- Prev by Date: Re: E-mail Signatures
- Next by Date: Re: E-mail Signatures
- Previous by thread: Re: Allow log on locally in Default Domain Controller Policy.
- Next by thread: Re: Allow log on locally in Default Domain Controller Policy.
- Index(es):
Relevant Pages
|
