Cannot edit user rights assignments in local security policy

Hello,

I have a windows 2000 domain.  In it I have a windows 2003 server.  I am trying to give a user the user right to log on as a batch job.  

When I open Local Security Policy on the 2003 server and try to edit the assignment, the "Add User or Group" and "Remove" buttons are greyed out.  This is true of all of the user rights assignments.  

I can edit the Security options, but not the Audit Polcies or User Rights Assignments.  

Any ideas?

Thanks - Bonnie
LVL 1
Bonnie_KAsked:
Who is Participating?
 
joedoe58Commented:
I would not recomend cahnging the domain security policy. It is better to make a new OU and link a GPO to that OU with the changes you want. That way if you do a misstake you will not propagate the misstake to all users on the network. It will also be eaiser to know what customizations you have done from the default settings.
0
 
valiconCommented:
Are you logged in as an admin?  Is this a DC?
0
 
binary_1001010Commented:
because domain policy overwrite local policy. you have to edit the domain security policy via start>administrator tools>domain security policy.
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

 
miroofi75Commented:
which server is running as DC, use AD group policy or domain security policy to implement log on as batch job.

you must have Administrative privilidges to do that.

regards,


imran
0
 
Bonnie_KAuthor Commented:
Thanks joedoe58, worked like a charm.  

Here's more info in case anyone else needs this solution:
The 2000 box is the DC, the 2003 is a member server.  It is an application server and the user I am adding is a consultant who will only support that server.  I made him an administrator of that computer, but he was unable to run a scheduled task that calls a batch file so I needed to give him the "logon as a batch job"  right.  I didn't want to give him rights over the entire domain, so joedoe58's solution was perfect.

Thanks to all who replied.

Bonnie
0
 
joedoe58Commented:
Have fun
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.