Search Results

Search found 2782 results on 112 pages for 'policy'.

Page 18/112 | < Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >

• How to execute everything in the Local Area Network

  - by matnagel

  We have a very small LAN here, but some peolpe here think we need Active Directory, though nobody knows how to maintain it. I am not in the position to change this. How can I get full access (on Linux it would be "execute" rights) also for files on network drives (the files are just on another machine next room) My account is in the group Administrators on a windows 2003 server Domain Controller. I cannot open simple MS Access 2000 Databases or CHM Files from network drives in the lan How to do that? Some policy setting? I want to change that once. It is useless. We have no distinction between local or network files here. I would have to copy everything to a local drive and then do what I want.

  Read the article

• How do I apply WinHTTP proxy settings domain-wide?

  - by Oliver Salzburg

  We're already configuring Internet Explorer proxy settings through group policy and it works great. Sadly, I've recently run into multiple issues where those settings are ignored by certain services. I realized that these service have one thing in common. They use WinHTTP, which has its own proxy settings. Now I'm asking myself how to apply those across the whole domain. I realize that I could create a logon script and simply run netsh winhttp import proxy source=ie, but, from experience I know that these settings require a reboot to take effect. So this wouldn't help me at all in a logon script. So, how can I do it?

  Read the article

• updating drive mapping GPO programmatically using powershell

  - by Kristoffer

  I have a Group Policy in a domain that have lots of drive mapping settings. I would like to change the path for a lot of these servers in this gpo with powershell if possible. I know i could do this via the GPMC, but would prefer to do it programtically. I have looked at the grouppolicy powershell module from microsoft (get-gpo and friends) but i only seem to be able to change registry entrys and permissions on the policys, not the actual path for the drivemapping. any ideas? Thanks!

  Read the article

• Using Active Directory Security Groups as Hierarchical Tags

  - by Nathan Hartley

  Because active directory security groups can... hold objects regardless of OU. be used for reporting, documentation, inventory, etc. be referenced by automated processes (Get-QADGroupMember). be used to apply policy be used by WSUS I would like to use security groups as hierarchical tags, representing various attributes of a computer or user. I am thinking of (computer centric) tags something like these: /tag/vendor/vendorName /tag/system/overallSystemName /tag/application/vendorsApplicationName /tag/dependantOn/computerName /tag/department/departmentName /tag/updates/Group1 Before fumbling through implementing this, I thought I would seek comments from the community. Specifically in the areas: Does this make sense? Would it work? Has anyone else attempted this? Is there a good reference on the matter I should read? How best to implement the hierarchy? Tag_OU\Type_OU\GroupName (limits quantity in OU, uniqueness not guaranteed) Tag_OU\Type_OU\Tag-Type-GroupName (limits quantity in OU, uniqueness guaranteed, verbose) etc ... Thanks in advance!

  Read the article

• How to execute files on LAN drives in a Windows Domain

  - by matnagel

  We have a very small LAN here, but some peolpe here think we need Active Directory, though nobody knows how to maintain it. I am not in the position to change this. How can I get full access (on Linux it would be "execute" rights) also for files on network drives (the files are just on another machine next room) My account is in the group Administrators on a windows 2003 server Domain Controller. I cannot open simple MS Access 2000 Databases or CHM Files from network drives in the lan How to do that? Some policy setting? I want to change that once. It is useless. We have no distinction between local or network files here. I would have to copy everything to a local drive and then do what I want.

  Read the article

• Prevent registry changes by users

  - by graf_ignotiev

  Background: I run a small computer lab of 10 computers using Windows 7 x64 Enterprise. Our users are set up as limited users. For additional restrictions, I set up local group policy for non-administrators using the microsoft management console. Problem: Recently, I found out that some of these restrictions had been removed. Reviewing the settings MMC and in ntuser.pol showed that the settings should still be in place. However, the related registry settings were missing in ntuser.dat. I already have registry editing disabled in the GPO (though not in silent mode). Question: What is the best way to deal with this situation? Should I look into preventing registry setting changes? Should I set up registry auditing to found out how these keys are getting changed in the first place? Or should I give up the ghost and write some kind of logon script that enforces registry values if they've been change? Any other ideas?

  Read the article

• Can't add HKCU entries via GroupPolicy Preferences

  - by Lou H

  2008 R2, XP and W7 64 bit workstations. Trying to add/modify two registry entries for Lync2010 for each user. Created using GP Management, User Configuration, Preferences, Registry. If the two registry entries already exist, then the policy works correctly. If they don't exist, nothing changes. GPReults reports it was successful. If I import the .reg file manually, it also works, so I don't believe it is a rights issue. I have tried the Update, Create, and Replace as the Action. I am not familiar with ADM templates, is that the only way to do it?

  Read the article

• Can you have a WMI query for GPO Filter based on user's OU?

  - by Jordan Weinstein

  I'm wondering if there is a way to have a WMI query check the OU of the user logging on. I'd like a GPO (linked to Citrix servers OU) to apply only to users if the user is in a certain OU - this is for Citrix so the overly obvious answer of - well just link it to the OU the user is in does not apply. This also cannot be done using security groups because a long time ago those started to get used as Distribution Groups also and now too many are widely inaccurate. Lastly I need to apply this to the entire GPO as there are more than just group policy preferences included so I can't use the item-level targeting feature either. But my OUs are accurate so I'd like to use those if I can. I'd like a WMI query filter to say, apply GPO if user is member of OU 'x' that doable?

  Read the article

• Spawned Process Terminated in GP Startup Script

  - by Charles Gargent

  I have a Group Policy Startup Script which runs synchronously. I now need this script to run one process asynchronously. So far I have managed to get the spawned process running via the command below, however once the rest of the script finishes and the GP Startup Script "phase" finishes and the logon prompt is shown, my spawned process is terminated. Is there any way to have this process continue beyond the Startup Script phase? cmd /c start spawned.bat I guess the reason why it terminates is because the process was launched by the Startup Script process and when the parent process terminates so do its children. PS I need it to be launched via the exisitng script.

  Read the article

• MLGPO for Windows Server 2003 R2?

  - by 5graeham5

  Is there something like MLGPO (Multiple Local Group Policy Objects) for Windows Server 2003 R2? I have a 2003 Terminal Server that isn't part of a domain/AD and I'm trying to set local group policies which applies only to certain users and/or groups and the policies differ between those entities. I wanted to avoid using the file permissions trick for on C:\WINDOWS\system32\GroupPolicy as that's an all-or-nothing approach. I can't upgrade this box to Windows Server 2008 as the software used is only supported and only works on 2003. Are there any third-party tools to achieve this?

  Read the article

• How do I get detailed information about what happens during logon

  - by Funky Si

  Due to my IT department leaving I am now responsible for all our IT systems. I now have several problems to get my head around and fix. I run Active Directory on windows server 2003 and use group policy to apply settings etc. Recently we have had some windows 7 clients added to our network, these are having awful problems with our logon scripts and drive mappings. For the most part my XP clients are working without a problem. What I want to know is what is going on during logon, as running the logon scripts after I have logged on often works. Does anyone know of a way to get detailed log information of what is happening before and during logon. Thanks for your help and any suggestions you have for tracking down the source of these problems.

  Read the article

• How can I prevent users from installing software?

  - by Cypher

  Our organization is a bit different than most. During certain times of the year, we grow to thousands of employees, and during off-times, less than a hundred. Over the course of a few years, many thousands of people have come and gone in our offices, and left their legacy behind in the form of all sorts of unwanted, unapproved, (and sometimes unlicensed) software installs on our desktops. We are currently installing redundant domain controllers and upgrading current servers, all running Windows Server 2008 Enterprise, and will eventually be able to run a pure 2008 DC network. With that in mind, what are our options in being able to lock down users, such that they cannot install unauthorized software on systems without the assistance (or authorization) of the IT group? We need to support approximately 400 desktops, so automation is key. I've taken note of the Software Restrictions we can implement via Group Policy, but that implies that we already know what users will be installing and attempting to run... not quite so elegant. Any ideas?

  Read the article

• Disable "Send as XPS Attachment" Word 2007

  - by Tim Alexander

  Is there a way to disable this option either via Group Policy or via some form of registry hack? Normally I would go down the route of telling users not to send as XPS and send as something else but with our recent upgrade to 2007 lots of users are banding these files around. Unfortunately our version of Citrix does not play nicely with XPS documents and we end up having to log them out. Am told the fix for Citrix is not forthcoming so wondered if I could bury my head in the sand and disable the option all together. Regards Tim

  Read the article

• Server 2008 Active directory file sharing Restriction

  - by Usman

  My network scenario is: Two location connected each other through Wireless towers. 1st network ip address are 10.10.10.1 to 10.10.10.150 2nd network ip address are 10.10.10.200 to 10.10.10.254 Both location using their own ACTIVE DIRECTORY (MS SERVER 2008) and share their data with each other network through file sharing. My Problem is that every single client can explore the whole network. by simply typing \computername. i want to implement some restriction on network regarding file sharing. i want to restrict 1st Network Clients to open 2nd network Computer or server. Is there have any Group Policy or Folder permission scenario that i implement on my both network..

  Read the article

• What URLs must be in IE's Trusted Sites list to allow Windows Update?

  - by ewall

  Particularly for servers in which IE Enhanced Security Configuration is enabled, you need to have all the Windows Update/Microsoft Update URLs in your "Trusted Sites" list in order to use the site. (Furthermore, for domain member servers where Group Policy enforces Internet Explorer's list of "Trusted Sites", you don't have the option to edit the Trusted Sites yourself... so all the necessary URLs should be listed in the GPO.) So, what is the full list of URLs I'll need in IE's Trusted Sites? So far I have the following: http(s)://*.update.microsoft.com http://download.windowsupdate.com http://windowsupdate.microsoft.com I seem to remember there being several more...

  Read the article

• How to install remote software NOT on a domain?

  - by Nicros

  I have a situation where some software (that I wrote) is going to be deployed on 60 laptops for an event. The laptops are all running windows 7, but there is no domain controller, and they will all be connected to a 192.168.x.x network using wifi. Is there any convenient way to push the software (consisting of an msi file) can be pushed out to all the laptops and installed? I looked at WMIC, but I think that requires machines be joined to a domain, as does Group Policy. The other alternative is Powershell, but I have literally 4 hours to do this and will have no time to figure out the right script. It's not the end of the world if it has to be done manually (I can find volunteers) but it would be nicer if it could be automated somehow.

  Read the article

• Windows 2008 startup script will not run?

  - by larsks

  I am trying to get a very simple batch script to run when my Windows 2008 Server (R2) system starts up. I have added the script to the "Startup Scripts" in the local group policy by running gpedit.msc, and I see the script listed under Windows Settings/Scripts (Startup/Shutdown)/Startup when I run rsop.msc, but the script is not being executed. The "Last Executed" column in rsop is empty even after a reboot, and a file that should be created by the script is never created. At the moment, the entire contents of the script are: rem Check if this script is running. date /t > c:\temp\flag The target directory (c:\temp) exists. The script is called c:\scripts\startup.bat, and works fine if I run it by hand.

  Read the article

• CutePDF in a domain environment

  - by poke

  We've recently migrated from a workstation to domain environment. Since the migration, we've been unable to install CutePDF (CuteWriter.exe) on our Win XP Pro boxes. No error, it just fails silently. We were not having having issue prior to the domain migration. CutePDF is a PDF creator that works by emulating a printer. The installer is supposed to create a regular Windows printer that users can select to print to when they want to make a PDF. We are using Group Policy, but I didn't really see any GPOs that would be affecting this. Does anyone have any thoughts or suggestions on this issue? I've tried installing as a domain admin and also as a local admin.

  Read the article

• How to recover from locked down XP Home computer

  - by Chris

  We've got a Kiosk machine provided to us by a manufacturer. The video card is flaky, so I want to replace it with another card we have on hand, rather than shipping across the country. The problem is that they have policies in place that locks the system down to a point where only the manufacturers demo works on the computer so I can't install drivers for the newer card. I know pretty much nothing about windows policies or the policy editor. Am I fighting a losing battle trying to replace thi scard?

  Read the article

• Block Domain User login

  - by Param

  I have created a Domain User id ( for example - Auser ). I have integrated my LDAP login with Firewall. I use this user to login in to firewall only. So, I want to block all the login for this User except on Firewall. Is there any way to accomplish this? As per my knowledge, we can specify :- By right click on Domain User -- Properties -- Account tab -- Logonto ( but here we have to specify Computer Name, we don't have any computer name for Firewall -- So i can't use this option ) Through Group Policy Window Setting -- Security Setting -- Local Policies -- User Rights Assignment -- Allow logon Locally (But it has to apply on Computer OU -- So i can't use this option also ) Any Other Option you know ??

  Read the article

• TFS 2010 Check-in Policies

  - by Liam

  Currently we have check-in policies that are implemented by installing the TFS 2010 Power Tools on each developer machine. I was wondering if there was a way we could store those policies centrally within the TFS Server itself and push them out to the Developer machines in a group policy fashion without having to install anything additional on the Developer machines as realistically we only want the Power Tools on a couple of people's machines. I can't seem to find any documentation on how to do this or if it's possible so if someone could point me in the right direction I'd be very grateful.

  Read the article

• How can I find the names of AD Group policies that a user/pc is using?

  - by Russ

  I am having trouble locating some settings in group policy so I can make changes due to the convoluted nature of our policies. What I would like to be able to do is go to a specific PC and see what group policies are being applied, so I can focus on those policies. My goal would be to clean up the GP's a bit, while allowing me to "walk the tree" to see what people have implemented and what is worthless. Thanks. EDIT: In this specific case, I am looking to find which GP maped drives are configured in. (User Configuration -- Preferences -- Windows Settings -- Drive Maps)

  Read the article

• Is there a Utility that will scan selected locations and return all files older than a certain date?

  - by CT

  Can anyone recommend a utility that can scan specified directory locations (network shares specifically) and return all files older than a certain date? I am looking to implement a data retention policy at my workplace. As our amount of data grows it puts a large strain on our backup routines. I would like to move old data to some sort of archival system. Extra points for the ability to move queried old files to another location for archival and the ability to create schedules for when this occurs. Many thanks. EDIT: Windows Shop. Mostly Windows 2003 Servers.

  Read the article

• Customising Windows 8 Start Screen Tiles

  - by Joe Taylor

  We are looking for an effective way to manage the start screen in Windows 8. So far using WSIM we can add certain start tiles by using the OOBE System - shell setup - SquareTiles and WideTiles properties. However this only seems to work for square tiles and not wide tiles, if anyone has any insight on this it would eb appreciated. However the main question is has anyone managed to modify this screen using a GPO, we can add application shortcuts to the Start menu list on the All Apps page using a create shortcut to all users start menu policy. However as we occasionally deploy apps throughout the year in line with the courses requirements we would want to be able to put a shortcut on the home screen. Is it possible?

  Read the article

• use correct-resolution background desktop image

  - by Rob Bos

  I have a desktop background image (a picture) in a half-dozen different resolutions, that I'd like to deploy to a disparate collection of computers with different monitors and video cards and whatnot. Laptops, netbooks, desktops, widescreen, and even a couple of "tall" screens. I have images to cover most of the cases. I would like Windows 7 to correctly pick the correct desktop background image via group policy. Now, the logon screen is already done. The OEMBackground method is rather clever, and lets you copy files of different resolutions to the machine, and the logon app will calculate the aspect ratio of the monitor and match it to a file as closely as possible. Is there any way to have that functionality on the desktop background as well?

  Read the article

< Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >