G
Guest
I have successfully used NTRIGHTS.EXE to update the local security policy on
all of the servers that I curretly administer but I am unable to use it in
specific instances. I am having trouble making changes if I don't have the
user name that I wish to remove from a particular property, only the SID. For
example, this syntax works perfectly:
ntrights -m \\Computer -u User -r SeInteractiveLogonRight
but in some cases I am unable to simply place the user name there since all
that is currently listed when I view the active local security policy
settings is the SID. In this case if I place the SID in place of the user
name I recieve the following error:
Revoking SeInteractiveLogonRight from
S-1-5-21-484763869-854245398-1801674531-1
001 on \\Computer... failed (GetAccountSid(S-1-5-21-484763869-854245398-18016
74531-1001)=1332
How would you script the modification or local security policy rights if you
do not have a user name, only a SID?
all of the servers that I curretly administer but I am unable to use it in
specific instances. I am having trouble making changes if I don't have the
user name that I wish to remove from a particular property, only the SID. For
example, this syntax works perfectly:
ntrights -m \\Computer -u User -r SeInteractiveLogonRight
but in some cases I am unable to simply place the user name there since all
that is currently listed when I view the active local security policy
settings is the SID. In this case if I place the SID in place of the user
name I recieve the following error:
Revoking SeInteractiveLogonRight from
S-1-5-21-484763869-854245398-1801674531-1
001 on \\Computer... failed (GetAccountSid(S-1-5-21-484763869-854245398-18016
74531-1001)=1332
How would you script the modification or local security policy rights if you
do not have a user name, only a SID?