Microsoft:
"Logon Rights
Logon rights control how security principals are allowed access to the computer—whether from the keyboard or through a network connection, or whether as a service or as a batch job. For each logon method, there exists a pair of logon rights—one to allow logging on to the computer and another to deny logging on to the computer. Use a deny logon right as you would use a deny permission—to exclude a subset of a group that has been assigned an allow logon right. For example, suppose that Alice wants all users except the members of the domain Marketing group to be able to log on locally at her computer’s keyboard. With this in mind, Alice creates a local group, which she names “LocalLogonDenied.” Then she configures her computer as follows:
1. She assigns the log on locally user right to the Users group.
2. She assigns the deny local logon user right to the LocalLogonDenied group.
3. She makes the Marketing group a member of the LocalLogonDenied group.
Deny rights take precedence over allow rights, so members of the Marketing group are denied the right to log on locally even though they are also members of the Users group, which is allowed to log on locally.
Warning: The rule to keep in mind is: “Allow a set, and then deny a subset.” Reversing the order can be disastrous. For example, Alice might want to allow no one but herself to log on locally. If she allowed herself the right to log on locally and denied the Users group the right to log on locally, she would be unpleasantly surprised to find that she had locked herself out of the computer. Alice, after all, is a member of the Users group, so the deny right she assigned to the Users group would take precedence over the allow right she assigned to herself.
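The precedence rule above, modelled as an added example that is not part of the quoted Microsoft text: it evaluates both of Alice's configurations and lists accounts whose allow right is overridden by a deny. The user Bob, the membership table and the use of the constants SeInteractiveLogonRight and SeDenyInteractiveLogonRight for "log on locally" and "deny local logon" are assumptions made for the illustration.

```python
# Constructed sample data: "Bob" is a hypothetical Marketing member.
MEMBER_OF = {
    "Alice": {"Users"},
    "Bob": {"Users", "Marketing"},
    "Marketing": {"LocalLogonDenied"},   # step 3 in the text
}

ALLOW = "SeInteractiveLogonRight"        # log on locally
DENY = "SeDenyInteractiveLogonRight"     # deny local logon

# "Allow a set, and then deny a subset" (steps 1 and 2 in the text).
INTENDED = {ALLOW: {"Users"}, DENY: {"LocalLogonDenied"}}
# The reversed configuration from the warning.
REVERSED = {ALLOW: {"Alice"}, DENY: {"Users"}}


def expand_groups(principal, member_of):
    """Return the principal plus every group it belongs to, following nesting."""
    seen, stack = set(), [principal]
    while stack:
        current = stack.pop()
        if current not in seen:
            seen.add(current)
            stack.extend(member_of.get(current, ()))
    return seen


def can_log_on_locally(user, member_of, rights):
    """Deny is checked first, so it wins over any allow the user also holds."""
    identities = expand_groups(user, member_of)
    if identities & rights.get(DENY, set()):
        return False
    return bool(identities & rights.get(ALLOW, set()))


def shadowed_allows(users, member_of, rights):
    """Users who match an allow entry but are still blocked by a deny entry."""
    blocked = []
    for user in users:
        identities = expand_groups(user, member_of)
        if identities & rights.get(ALLOW, set()) and identities & rights.get(DENY, set()):
            blocked.append(user)
    return sorted(blocked)


if __name__ == "__main__":
    for name, rights in (("intended", INTENDED), ("reversed", REVERSED)):
        for user in ("Alice", "Bob"):
            print(name, user, can_log_on_locally(user, MEMBER_OF, rights))
        print(name, "shadowed:", shadowed_allows(["Alice", "Bob"], MEMBER_OF, rights))
```

Running a check like `shadowed_allows` against a proposed assignment before applying it surfaces the lockout case from the warning while it is still only a plan.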