Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Secpol.msc locked from editing

Posted on 2011-02-23
3
Medium Priority
?
3,031 Views
Last Modified: 2012-05-11
I'm trying to add an account for "Log on as a batch job" and it won't allow me to add or edit the policy. The add and delete are greyed out.

This is Windows Server 2008 R2 Enterprise with Exchange 2010 SP1 installed on it. It is NOT a domain controller...although it is domained.

I am logged into the machine as the domain administrator and still can't change it.

Any ideas?

Thanks in advance!
0
Comment
Question by:liscr
  • 2
3 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34962535
Hm, looks like

1) any other GPO in the domain blocks that
2) you need to run console with elevated privileges (click right mouse button on console and choose "run as administrator"

additionally, please run gpresult /z >c:\gpresult.txt

and attach it here, please

Regards,
Krzysztof
0
 

Author Comment

by:liscr
ID: 34963087
Hey Krzysztof,

I've run the SecPol.msc with elevated permissions, and still locked (even though I'm logged in as Domain\Administrator

Attached are the GPResults.

Thanks!
GPResult.txt
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 2000 total points
ID: 34963329
OK, looks like you have to do this using GPO, not local policies. GPRESULT doesn't show anything which could point us ti solution :)

If you wish to allow that user "log on as batch.." only on that server, create separate GPO and link to OU where it is. Use GPO Security Filtering to apply it only to that particular server.

That's my suggestion :]

Krzysztof
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question