Default dc policy

Posted on 2009-12-29
Last Modified: 2012-05-08
I have a network that was setup by someone else and it looks like they applies the default dc policy to the hole domain. when user want to shut down thier computer the only option they have is log off, so they need to log off then ctrl alt del and select oprion and then shutdown.
when ever i add a new computer the the domain it does the same think but I can not find in the default policy where this is set and there are no other gpo"s on the system.
does anyone know where this is set at the domain level.
Question by:jgajma
    LVL 3

    Accepted Solution

    Hello ,
    Have you checked  the following parameter on the default domain policy :
    -User Configuration>Administrative Templates and locate the option known as "Remove and prevent access to the shutdown command".
    -Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\
    If these settings are as default , check if there are not a login script that modify computer registry settings.
    LVL 76

    Expert Comment

    The default domain controller policy only applies to the entire domain.
    You can always unlik the defalt domain controller policy for the top of the domain and only apply it to the domain controllers OU.

    Get GPMC for your server which will make things much easier, from:
    Use GPMC logging mechanism to get a representation of what settings are set by which GPO.
    You can change it.
    There is another option that does not allow non-administrators to turn the system off.

    Author Comment

    No logon or logoff script
    LVL 76

    Expert Comment

    Instead of searching every policy you have for a setting, run the GPMC results wizard and there you can see which setting comes from which policy/ies and which is the winning policy.  This way you can address the issue once and for all versus finding one, fixing it and then discovering that there is another policy that has this same setting.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
    Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
    Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
    Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now