Link to home
Start Free TrialLog in
Avatar of MrSlithy
MrSlithy

asked on

Security Policy Differences between XP and Win 7

I have a modified security Policy on some XP computers that limits logon to certain users and groups. The USER group us removed.  This does what I need to limit logon to certain XP computers on a domain.

I know that this can be done other ways via GPO and OUs, but I would appreciate it if any response sticks to the local machine.

When I go into SECPOL on a Windows 7 machine, where I used to see Log on Locally, I now see Deny logon locally.

I don't want to deny certain groups. I only want to allow certain groups.  Am I missing something?  How do I do the same on Windows 7 boxes as I had done on XP Boxes.

I can and have searched for this.  But I like asking the question here because I get more specific answers.

Thanks
ASKER CERTIFIED SOLUTION
Avatar of alicain
alicain

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of MrSlithy
MrSlithy

ASKER

Silly Rabbit!!!  its under "A" for allow.  I never had need for the Deny in XP. So the two opposites were "Deny  . . ."  and "Logon Locally"

I saw the DENY in Win 7, but I scrolled down to L and never found Logon Locally.

How was that for easy points?  Don't I feel silly.
Glad that was it.  It's better to ask and move on than stare blankly at the screen!

Lets be honest, we've all been there at some point :-)