security

  • Thread starter Thread starter yqyq22
  • Start date Start date
Y

yqyq22

Dear all,
I have a w2k Active-directory environment plus 3 child
domains with about 30 domain controllers.
If someone with enterprise admin rights in the domain
security policy remove everyone from "access everyone from
the network" and then set deny log on locally for
everyone. HOw can I manage my active directory if I don't
be able to log on locally on all my domaincontrollers.
Is there a way to avoid this trouble.
thanks a lot, and I would like to have some link.
 
You would have to install a parallel install on the PDC and manually modify
the gpttmpl.inf for the Domain controller policy so that you could login
and access the policies. The inf is located in the
sysvol\domainname.com\policis\{6ac...}..secedit\gpttmpl.inf

257346 "Access This Computer from the Network" User Right Causes Tools Not
to
http://support.microsoft.com/?id=257346

This posting is provided "AS IS" with no warranties, and confers no rights.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top