Keith Westberg
asked on
w2k and logon script changes
Question...
I manage many workstations which are 60% w2k and 40% nt4. I have noticed that my logon script is not
making some system settings whether or not the user is an admin. It appears that the only way I can
make settings like "Don't show last username" and "Password experation" can only be manualy configured.
The script does not take effect on the w2k systems. It sounds like my only option is the group policies,
but I do not have access to the logon domain accounts or to implement group policies... mandated security
policies do not allow me this access, only logon script is allowed. So, now that I have more and more
systems with w2k, I need to find a way to accomplish these settings the way nt4 has allowed... any suggestions
cheers
I manage many workstations which are 60% w2k and 40% nt4. I have noticed that my logon script is not
making some system settings whether or not the user is an admin. It appears that the only way I can
make settings like "Don't show last username" and "Password experation" can only be manualy configured.
The script does not take effect on the w2k systems. It sounds like my only option is the group policies,
but I do not have access to the logon domain accounts or to implement group policies... mandated security
policies do not allow me this access, only logon script is allowed. So, now that I have more and more
systems with w2k, I need to find a way to accomplish these settings the way nt4 has allowed... any suggestions
cheers
ASKER
Cool thanks. It is an NT domain and we do not us AD. So, now that I have a master policy template, and they are copied via script, how do they get applied? I guess the *.adm file is applied during login? What rights do the logon users need to apply these policy settings. 98% of our users are just that... USER. Will I be able to make security policy changes through the policy via a local user account during logon? Thank you for the response :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
-On one win2k station tweak the local policy settings & export them to a template... Import the policy template to the other win2k stations through the login script or manually at each station through a shared location.
-This would of course would work only if this is either not a 2000 domain but rather an NT4 domain, or no "no override" settings are applied to the domain GPO or OU GPO's that apply to your win2k pro computers in a 2000 domain.