We help IT Professionals succeed at work.
Get Started

Active Directory - Local Security Policys

Last Modified: 2011-09-20
Good Evening.  Reciently I've just taken on a new Sysadmin job with a local company that has a small active active directy network which needs to be 'hardened' with the latest security policy's I've just received.  The network consists of a few Windows XP machines and a Windows 2003 server which has been setup as a DC with AD activated.  After locking down a stand-alone system, I exported the security script via the MMC and used this script to analyze the local computer policy on one of the local machines that is attached to the domain.  After analyzing the workstation through the MMC, I found some settings that needed to be changed, so I went into the Local Security policy through the Admin tools and was not able to change any of the settings.  It seems that all of the settings where 'grayed' out and I could not change them.  Ex:  Enforce Password History - Wanted to change the default to 5 but the password remembered box was grayed out. I've tried logging into the machine as the local administrator account/local computer name and even the domain admin account but I am still unable to change the settings.

After some research, it seems this might be a Group Policy problem, so I opened up the group policy tab in the AD gui on the DC and it was set to the default.  Because the machine builds are not the same (some have different software loads then others) I was wondering if there was a way to disable the security policys being pushed down (if this is the case) to the workstations so I can modify the individual workstations without the fear of them being reverted back once I restart the workstations.  I'm not very savy in AD as this was what was handed down to me without any passdown so any help would be most appreciated.  Thanks..

Watch Question
Awarded 2007
Top Expert 2008
This problem has been solved!
Unlock 2 Answers and 8 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE