Re: Group Policy to allow stopping a service
- From: "Jorge de Almeida Pinto [MVP - DS]" <SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx>
- Date: Wed, 3 Dec 2008 21:26:05 +0100
see:
http://blogs.dirteam.com/blogs/jorge/archive/2008/02/26/delegating-monitoring-stopping-starting-services-on-servers.aspx
it is NOT recommended to allow non-Domain Admins do things on DCs as it might compromise the security of the DC. That app shouldn't even be installed on the DC if you ask me
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* How to ask a question --> http://support.microsoft.com/?id=555375
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Sam" <support@xxxxxx> wrote in message news:51932147-D9D2-431C-A724-B5388FAE0678@xxxxxxxxxxxxxxxx
I had actually modified an existing policy which was already linked and working. Anyways when I tried to disable the service now as a user it worked, so I guess it was just a matter of time..
Thanks anyways,
"Florian Frommherz [MVP]" <florian@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:uz0nzDMVJHA.4456@xxxxxxxxxxxxxxxxxxxxxxxSam,
Sam wrote:I am trying to allow my users to stop a specific service of a third party app. I have that app installed on my Domain Controller as well.
I went to Group Policy and under Computer Configuration > Windows Settings > System Services I modified the service I wanted and added Domain Users with Stop, Start, pause rights.
So you modified the security settings for the service in question, correct?
However Even if I use Group Policy Results in Group Policy Management, it doesn't show this setting and when I tried to stop on a laptop this service I get an access denied.
Have you linked the policy to a n OU that contains (the) computer objects? Since you configured a "Computer Configuration" setting, you need to link the policy to an OU that has computer objects in it.
cheers,
Florian
--
Microsoft MVP - Group Policy
eMail: prename [at] frickelsoft [dot] net.
blog: http://www.frickelsoft.net/blog.
Maillist (german): http://frickelsoft.net/cms/index.php?page=mailingliste
- Follow-Ups:
- References:
- Group Policy to allow stopping a service
- From: Sam
- Re: Group Policy to allow stopping a service
- From: Florian Frommherz [MVP]
- Re: Group Policy to allow stopping a service
- From: Sam
- Group Policy to allow stopping a service
- Prev by Date: Re: password expiry notification and external trust
- Next by Date: Re: AD Auditing tools
- Previous by thread: Re: Group Policy to allow stopping a service
- Next by thread: Re: Group Policy to allow stopping a service
- Index(es):
Relevant Pages
|
Loading
