Need Help With Security Policy in w2k Pro

Toggle sidebar Toggle sidebar
J

JoeLoveOrga

Junior Member
Jul 9, 2001
4
0
0
If I don't have an active directory server (ADS)...

Is it possible to set a security policies in w2k Pro for regular user excluding the admin acount ?
I read some posting about it and still can not understand
Using Group Policies in Microsoft Management Console (MMC) will affect all user including the admin.

Some suggest that I need a w2k server and create an Organization Unit or OU.
but OU needs ADS to be turn on first.
I can't run the OU in MMC without turning on ADS.

At my place, there is a w2k server I can use but I am not allowed to turn on the ADS.

then, let's say the ADS is turn on, do every user need to login to the server

Please help....

Thank you very much

joe



Note : I am not a MCSE
 
F

flyfish

Senior member
Oct 23, 2000
856
0
0
What kind of security policies are you trying to set? You can create a custom group and put any user(s) in that group. That is, if the group you belong to allows you to set up such things.
 
S

Saltin

Platinum Member
Jul 21, 2001
2,175
0
0
You are correct in assuming that any policy you set on a stand-alone 2k pro box will affect all users, including the administrator.

In order to define security policies for individuals or groups of users, you will require a 2k server running the Active Directory. This also necessitates you having set up a domain network structure ( that is to say, non workgroup). Thus, all users who log on will authenticate against the server running AD.
Active Directory allows you to group users and computers into Organizational Units. Policy can then be applied to these OU's. You can also apply policy to the domain as a whole ( the account security options are generally applied at this level).

Active Directory desgin and administration requires a fair bit of knowledge. If you are interested in it, I would suggest you read a book on the subject. There is a lot to it. I've worked on large scale AD domains, with 1000's of users and computers. Making sure everything runs smoothly is a big task.
 
F

flyfish

Senior member
Oct 23, 2000
856
0
0


<< What kind of security policies are you trying to set? You can create a custom group and put any user(s) in that group. That is, if the group you belong to allows you to set up such things. >>



Saltin is right and I am stupid :eek::p! Although I have never tried it, I just assumed that you could assign policies to individual users at the local level ! What if you had many people that used the same standalone machine? Someone needs fix that ! ;)

NTFS file and folder security permissions give some level of local control for different users.
 
S

Saltin

Platinum Member
Jul 21, 2001
2,175
0
0


<< What if you had many people that used the same standalone machine? Someone needs fix that ! >>



NTFS can be used creatively to manage a situation like that. Remember that a user in 2k can do just about nothing. They really don't have the ability to mess things up badly. Security policy can still be set for things like password policy, etc. Customizations can still be applied to the box via policy. Those are things everyone benifits from. Even the Admin.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom