Re: Local Policy reverting back to old settings
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Wed, 20 Sep 2006 07:14:21 -0700
So you are saying that if the user changes their password, then the
reversions you have done get undone (or is it only if the password
has been expired and then changed).
I notice that you are discussing two User policy settings, and also,
you stated initially
. . . and either by reg hack or gpedit would makeClearly, if the reversion were done my "reg hack" they would be
the change and turn it off.
undone at the first time policy is reapplied. The local policy would
still be in force, but with hacked effect, until then, and it would say
to set things as originally configured.
Are you sure this is happening on machines where use of gpedit
was the method for making the reversions?
And again, reverting those settings with an AD based GPO would
be one way to overrule the local settings without use of per-machine
gpedit.
"Fastenal-LPT Tech" <FastenalLPTTech@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:F1C653C1-67B4-41D1-98AC-7632B84FF030@xxxxxxxxxxxxxxxx
Based on domain GPO, passwords are required to be changed every 3 months,
and
it seems that as soon as the user does this, the old local policy settings
come back even tho they have been manually changed in gpedit prior. So it
would seem that the machines revert back to the original local policy
settings from the image. We create an image for each model of laptop we
use,
included in the image is a local policy, and this is where it gets the
original settings. One would think that when changes are made thru gpedit
that it would edit .POL files which write these to the registry. We have
also
noticed in the past that we have the c: drive hidden from the users since
they're profile and user data is stored on the d: drive. If we unhide
these,
these settings also revert back to hidden.
"Roger Abell [MVP]" wrote:
What is this "every three month mandatory password change" ?
More specifically, are you sure it only changes passwords??
Why not apply a reversing setting via AD based GPO? Once
this is seen by a machine being local, it will be cached and so
remain in force even when the machine is non-local, and if the
"every three month" thing fires off, if it is tweaking local settings
those also would still be below the AD based setting in pecking
order.
"Fastenal-LPT Tech" <Fastenal-LPT Tech@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:E5DEC335-7667-4457-8D6B-0E47827F3A10@xxxxxxxxxxxxxxxx
We have 700+ laptops in our network, last year in the local policy one
tech
thought it would speed up the login process by running login scripts
sycronously.
This caused the laptops that received the image with this to take 10
minutes
before loading up the desktop when not plugged into the network. We
since
figured out this was the cause and either by reg hack or gpedit would
make
the change and turn it off.
But every 3 months after the mandatory password change it reverts back
to
the old local policy and brings back these settings, does anyone know
why
this happens even after going in and changing the local policy setting?
What
are the steps to completely wipe out old local policy and replace with
a
new
one.
.
- Follow-Ups:
- Re: Local Policy reverting back to old settings
- From: Fastenal-LPT Tech
- Re: Local Policy reverting back to old settings
- References:
- Re: Local Policy reverting back to old settings
- From: Roger Abell [MVP]
- Re: Local Policy reverting back to old settings
- Prev by Date: Re: New Job, Default Domain GPO's edited.
- Next by Date: Re: Local Policy reverting back to old settings
- Previous by thread: Re: Local Policy reverting back to old settings
- Next by thread: Re: Local Policy reverting back to old settings
- Index(es):
Relevant Pages
|
