Increase Quotas in Local Security Policy of Windows 2000

J

JD

Hi All,

I've done the basic research on the "Increase quotas" setting in Local
Security Policy | User Rights Assignment of Windows 2000 Server but
have yet to find a straight answer to the question below.

If I remove Administrators from the Effective Setting will it cause
harm? So far my test server seems to function correctly, Performance
Monitoring works great, that is what I read may be impacted. I realize
Cluster Administrator and SQL service related accounts will need this
setting but does the whole Administrators group require access?

Any advice is greatly appreciated.
Thanks -
JD
 
S

Steven Umbach

If everything works well I would not worry about not including administrators
keeping in mind that if something does not work as it should at a later time you
may need to tweak that user right if that is the problem. I also suggest that
you enable auditing of privilege use for failure on your servers as it should
record a failure event for a privilege [user right] if the user tries to perform
a task that requires a user right that he does not have. There are a few common
user rights that are not audited unless you make a registry change if you have a
need to audit them. The link below explains more. --- Steve

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/521.mspx
--- auditing of privilige use.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Changing process priorities of normal users 3
Local Login Policy/Effective Policy does not grant login, Windows 3
where in windows 2000 ? 1
Windows 2000 Server Local Policy 1
No Local Security Policy 3
Win2K Auditing / Security Event Log Problems 2
Scripting Local Security Policy Install 2
Effective Policy Setting for IWAM_Machinename account 4

Top