2 Windows XP Platform, 1 Windows 2000 Domain, Security Policy Prob

[Guest]

Hello all,

I have a laptop and desktop computer running Windows XP SP2. Both are in a
Windows 2000 Server AD Domain. Everything was working fine until about two
weeks ago when I noticed that the desktop computer had it's Windows Firewall
Disabled, Security Center restricted (grayed out), and cannot be accessed
over the network by either the server or the laptop. So I go into the Local
Security Settings and find that the "Acces this computer from the network"
policy was blank. What I did was compare the two Local Security Settings from
both the laptop and desktop. However, the desktop settings from accessing
from the network would again be blank the next time I check.

This, along with the fact that my Security Center settings cannot be altered
because it gives me the "For your security, some settings are controlled by
Group Policy" message. I do not have any custom policy in place. I built the
server, configured DNS, created an AD domain, added the computers, added
users, and that's it, the simplest of server and domain configurations.

Is there any solution to this bizarre situation? Any hints or suggestions
greatly appreciated.

Only the desktop seems to be controlled by some rogue "Group Policy" whilst
the laptop retains it's local security policy in combination with the Domain
Policy.

Thanks in advanced.

 

[Colin Nash [MVP]]

Hello all,

I have a laptop and desktop computer running Windows XP SP2. Both are in a
Windows 2000 Server AD Domain. Everything was working fine until about two
weeks ago when I noticed that the desktop computer had it's Windows
Firewall
Disabled, Security Center restricted (grayed out), and cannot be accessed
over the network by either the server or the laptop. So I go into the
Local
Security Settings and find that the "Acces this computer from the network"
policy was blank. What I did was compare the two Local Security Settings
from
both the laptop and desktop. However, the desktop settings from accessing
from the network would again be blank the next time I check.

This, along with the fact that my Security Center settings cannot be
altered
because it gives me the "For your security, some settings are controlled
by
Group Policy" message. I do not have any custom policy in place. I built
the
server, configured DNS, created an AD domain, added the computers, added
users, and that's it, the simplest of server and domain configurations.

Is there any solution to this bizarre situation? Any hints or suggestions
greatly appreciated.

Only the desktop seems to be controlled by some rogue "Group Policy"
whilst
the laptop retains it's local security policy in combination with the
Domain
Policy.

Thanks in advanced.

If you run GPRESULT on the XP computer you'll get some hints about what
policies are being applied and where they come from... it's a place to
start.

 

[Guest]

This is what I received after running gpresult though I'm not quite sure what
to do with it.

____

RSOP results for INTELLIGENCE\Thomas.Nguyen on INTELGATE01 : Logging Mode
--------------------------------------------------------------------------

OS Type: Microsoft Windows XP Professional
OS Configuration: Member Workstation
OS Version: 5.1.2600
Domain Name: INTELLIGENCE
Domain Type: Windows 2000
Site Name: Default-First-Site-Name
Roaming Profile:
Local Profile: C:\Documents and Settings\Thomas.Nguyen
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
CN=INTELGATE01,CN=Computers,DC=INTELLIGENCE,DC=NGUYEN,DC=com
Last time Group Policy was applied: 8/14/2006 at 5:27:40 PM
Group Policy was applied from: intelserv01.INTELLIGENCE.NGUYEN.COM
Group Policy slow link threshold: 500 kbps

Applied Group Policy Objects
-----------------------------
Local Group Policy

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Default Domain Policy
Filtering: Not Applied (Unknown Reason)

The computer is a part of the following security groups:
--------------------------------------------------------
BUILTIN\Administrators
Everyone
Debugger Users
BUILTIN\Users
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
INTELGATE01$
Domain Computers


USER SETTINGS
--------------
CN=Thomas D. Nguyen,OU=Level 1 Users,DC=INTELLIGENCE,DC=NGUYEN,DC=com
Last time Group Policy was applied: 8/14/2006 at 6:09:30 PM
Group Policy was applied from: intelserv01.INTELLIGENCE.NGUYEN.COM
Group Policy slow link threshold: 500 kbps

Applied Group Policy Objects
-----------------------------
N/A

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Default Domain Policy
Filtering: Denied (Security)

Local Group Policy
Filtering: Not Applied (Empty)

The user is a part of the following security groups:
----------------------------------------------------
Domain Users
Everyone
Debugger Users
BUILTIN\Users
BUILTIN\Administrators
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
LOCAL
Schema Admins
Domain Admins
Group Policy Creator Owners
Enterprise Admins

 

[Guest]

Hello again,

I've been reading around the different threads in the newsgroup and saw a
few threads that also link this problem to a virus. Does anyone have an exact
knowledge of which virus it can be? I've also tried to reload the default GPO
for both the domain and domain controller but have found few results. My
desktop is quite exposed at this point and vulnerable to spyware/viral
attacks. Any help is appreciated. Thanks in advance once again.