Applying security locally, no AD, no servers...

Posted on 2003-03-25
Medium Priority
Last Modified: 2013-12-04
Hi gurus!

I'm completely lost with all these security issues in Win2K.
Well, the problem is: I have a standalone Win2K Professional workstation, no servers, no AD, no DNS.
I need just apply more restriction to certain user or group (Users). Locally.

I've read all that Microsoft HOWTOs, but still frustrating: I don't understand the key trick - how to apply those settings I play with in Group Policy or Security snap-ins to the certain user or group???
What I have now is the settings (either Computer Configuration or User Configuration once have been changed) affect all users even from different groups. Seems oddly. How to isolate it? I need a normal admin and a tightly restricted user...

I suspect maybe I have to apply the Security Template or policy during logon, in the script using secedit? I don't quite understand the role of database here too.....
But in WinNT that was working somehow without logon script.
Or where to get a simple step-by-step instruction how to succeed with this trivial task?

Exhausted and disappointed.
Need your guide.
Question by:Serop
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Accepted Solution

MSGeek earned 300 total points
ID: 8205514
With a single workstation you can only use Local Security Policies, ther eis no way that I am aware of to have multiple policies in this situation.  You can however prevent the policies from affecting the administrator: http://support.microsoft.com/default.aspx?scid=kb;en-us;293655

The only security that you can apply based on local groups is NTFS rights and Registry Key rights.

Author Comment

ID: 8207214
Thanks, it works!

Expert Comment

ID: 8207724
Glad I could help.  MSGeek.

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
OfficeMate Freezes on login or does not load after login credentials are input.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question