Re: Locking down a Local User in XP Pro Sp 1
From: Mr K N Cowans (manager_at_armthorpe.doncaster.sch.uk)
Date: 06/16/04
- Previous message: Ben Young: "Re: Group Policy - Power Settings"
- In reply to: Mark Renoden [MSFT]: "Re: Locking down a Local User in XP Pro Sp 1"
- Next in thread: Lehman's Old-time Hardware - System Administrator: "Re: Locking down a Local User in XP Pro Sp 1"
- Reply: Lehman's Old-time Hardware - System Administrator: "Re: Locking down a Local User in XP Pro Sp 1"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 16 Jun 2004 08:01:29 +0100
Hello Mark
Thanks for the suggestions.
The reason I want to be able to do this is that these Laptops are used by
pupils.
It is fine when they are connected to the Network as the Domain Policy is
enforced but the Laptops are also used when not connected to the Network and
so the pupils have to Logon locally.
Thanks in advance
Kevin
"Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message
news:%23TPwVTyUEHA.3476@tk2msftngp13.phx.gbl...
> Hi Kevin
>
> %systemroot%\system32\GroupPolicy contains the local GPO files. If you
were
> to replace these with a copy of the files associated with your domain
based
> policy, you'd get the settings applied locally. Problems I see with this:
>
> 1. Watch out you don't break the permissions in the directory structure
when
> you replace the local policy structure. You may want to run something
like
> cacls or xcacls and output to a text file to capture the current
permissions
> and then do it again afterwards to ensure nothing has changed.
>
> 2. If you apply policy here, it applies to everyone all the time. Anyone
> who logs onto the machine including Administrators will be subject to the
> restrictions imposed by the policy. This is possibly not what you want.
>
> 3. This is me making things up. I doubt this is a documented or supported
> procedure.
>
> What is the necessity for doing this? Perhaps there's an alternate
> approach?
>
> Kind regards
> --
> Mark Renoden [MSFT]
> Windows Platform Support Team
> Email: markreno@online.microsoft.com
>
> Please note you'll need to strip ".online" from my email address to email
> me; I'll post a response back to the group.
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
> "Kevin Cowans" <kevin@kncowans.demon.co.uk> wrote in message
> news:uOyuUqwUEHA.644@tk2msftngp13.phx.gbl...
> > Hello all
> >
> > I currently lock down our users (pupils) using Domain based Group
Policies
> > which are working great but now I need to be able to lock down a local
> > user
> > in XP Pro on Laptops.
> >
> > Is it possible to somehow transfer the settings from the Domain based
> > Group
> > Policy to the Laptop and use it for the Loca Policy settings?
> >
> > If this is not possible then does anyone have any suggestions as to how
I
> > can lock down a Local user on a Laptop.
> >
> > Thanks in advance
> >
> > Kevin
> >
> >
>
>
- Previous message: Ben Young: "Re: Group Policy - Power Settings"
- In reply to: Mark Renoden [MSFT]: "Re: Locking down a Local User in XP Pro Sp 1"
- Next in thread: Lehman's Old-time Hardware - System Administrator: "Re: Locking down a Local User in XP Pro Sp 1"
- Reply: Lehman's Old-time Hardware - System Administrator: "Re: Locking down a Local User in XP Pro Sp 1"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
