Search Results

Search found 2782 results on 112 pages for 'it policy'.

Page 5/112 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Group Policy for IE Security Zones

    - by Doug Luxem
    We are currently using the following Group Policy to control the Internet Explorer security zones: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page Then setting the Site to Zone Assignment List with the various values using the following chart: Value Setting ------------------------------ 0 My Computer 1 Local Intranet Zone 2 Trusted sites Zone 3 Internet Zone 4 Restricted Sites Zone This works well; however, users are then unable to edit (or especially add) to their zone settings. Is there a way to lock in our custom zone settings while still giving users the ability to add their own sites to the security zones? Yes, I do realize the slight security risk in opening this up.

    Read the article

  • Group policy applied to AD OU attributes

    - by Eric Smith
    I'm not well-versed in AD, so would like to resolve a question I have with regards to AD information. I understand that it is possible to apply group policy to OU's, thereby restricting access. What I'd like to know is, is it possible to do the same with OU attributes. Some context would help. There's a requirement to store address information in AD (IMO, a natural fit), but for various reasons, although obviously things like name should be globally accessible, access restrictions are desired on the address. In this case, is it possible to apply security to the address portion of the OU attributes, or does each address have to be broken into a separate OU (a solution that feels smelly given that address doesn't have identity)?

    Read the article

  • How do I package this vbscript as a msi for Group Policy

    - by TheCleaner
    I had a developer that is no longer with us create an msi to do this for me, but the package is outdated now and we need to deploy new files. Basically I need to do the following: Take the code at the bottom of this question and deploy it to all users as a software install package in Group Policy. I don't want to use a computer startup script because I don't want this to run at every login...just once to install and be done. How can I take the below and turn it into an msi for deployment through GPO? @echo off delete "C:\Windows\Downloaded Program Files\jdeexpimp.inf" delete "C:\Windows\Downloaded Program Files\jdeexpimpU.ocx" delete "C:\Windows\Downloaded Program Files\jdewebctls.inf" delete "C:\Windows\Downloaded Program Files\jdewebctlsU.ocx" copy "\\tuldc01\EOneActiveXapplets\ActiveX898\jdeexpimpU\*" "C:\Windows\Downloaded Program Files\" copy "\\tuldc01\EOneActiveXapplets\ActiveX898\jdewebctlsU\*" "C:\Windows\Downloaded Program Files\" regsvr32 "C:\Windows\Downloaded Program Files\jdeexpimpU.ocx" regsvr32 "C:\Windows\Downloaded Program Files\jdewebctlsU.ocx"

    Read the article

  • Group policy results failing with "Invalid class" error

    - by bshacklett
    When trying to run the Group Policy Results Wizard against a specific workstation, I'm getting the following error: The wizard was unable to generate the computer or user's data due to insufficient permissions. Details: Invalid class I'm guessing that the class being referred to is a WMI class, but I haven't gotten much farther. I've run sfc /scannow on the machine with no luck. I've also followed all of the recommendations in this article: http://windowsxp.mvps.org/repairwmi.htm. I cannot find anything useful in the event logs and I can't think of anywhere else I could look to find out what's really happening here. Any help would be appreciated.

    Read the article

  • Windows policy settings: overriding machine settings for specific user

    - by Ophir Yoktan
    I want use windows policy setting to limit access to removable media. This can be done by setting [HKEY_USERS\<uid>\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices] "Deny_All"=dword:00000001 for limiting a specific user [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices] "Deny_All"=dword:00000001 for all users on the machine. I'm looking for a method to limit all users, with the exception of one specific local user. However, the limitation appears to be additive - there is no way (that I know of) to define an exception for a specific user. Is there some kind of alternative?

    Read the article

  • Group policy to disable notifications of particular errors?

    - by resolver101
    How do i disable the notifications of particular errors? A little background to my issue. During the installation of the Kaspersky, it disables all the windows firewall for all except the domain. I have remedied this by creating an offline policy in Kaspersky which enables the Kaspersky firewall when out of the office (ie not connected to the office network). The problem now is that users in the office now see a notification showing that the firewall is disabled even though it’s enabled in all scenarios. It’s just that work and home show as disabled when the clients are connected to the office LAN. I’ve looked into the notifications and you can disable the notification (not recommended) but I don’t want to do this incase other relevant messages are stopped from being displayed. http://blogs.technet.com/b/networking/archive/2010/12/16/disabling-firewall-alerts-in-the-action-center.aspx

    Read the article

  • Installing Office 2010 without through group policy without an msi

    - by Ri Caragol
    I have been breaking my head for several days now trying to install Microsoft office 2010 through group policy. Unfortunately Microsoft decided it would be fun to release office without an MSI and so I either 1) need to create an msi for it or 2) need to install it through a logon script that would run the setup.exe from a network location. Any advise would be greatlly appreciated. I tried to create a script but even though I double click it and it runs properly, it does not seem to kick in when users log in or when the machine is turned on. Also is there an easy way to create an msi? thanks! -Ri

    Read the article

  • Local Group Policy Editor reverting setting to default

    - by Timur Aydin
    On my Windows 7 Ultimate 32bit system, I have changed the following setting: Local Computer Policy - Computer Configuration - Windows Settings - Security Settings - Local Policies - User Right Assignment - Deny access to this computer from the network This setting was by default "Guest" and I deleted this so that Guest can access a defined network share over the LAN. But later, I have changed my mind and wanted to return this setting to its default. So I edited that setting and specified Guest. But the setting became MYWINPC\Guest. So my question is, what is the difference between the previous setting "Guest" and MYWINPC\Guest? And how do I return this setting to its default value, "Guest"?

    Read the article

  • Need a GUI app for group policy login script

    - by jayPal
    I wrote a C# 4.0 application that works on a Windows computer but when using Group Policy to set it as a login script, it does not run. The application is being called from the same location and using rsop.msc shows that the application should be run. I see that using C# 4.0 may be a little overkill for this purpose, but it just seems wrong to write a VB6 application to do the same thing. The requirements for the application states that there need to be specific GUI elements that can't be just text on the window. I need larger fonts and color elements. Is there something more appropriate (and current) that I should be using?

    Read the article

  • Entering the user's name in a URL for Chrome through Group Policy

    - by Automate Everything
    I am managing a Windows Server 2008 R2 server, with several Windows 7 machines, and we have recently deployed Google Chrome using Group Policy. We also have a locally hosted intranet for storing procedures, forms, and so on, as well as reports that pull directly from our databases. I am trying to put the user's name in the startup URL for Chrome, so that when they open Chrome at the beginning of the day, it can pull a list of items from the database that contains their username. The report works, and I have it using a drop down right now, but I would like to be able to put their username in the URL as a GET variable instead. Does anybody know how I would go about doing that for Chrome? I tried putting ${user_name} in the URL, and I tried putting %username% in the URL, but that didn't translate to anything. Is there some way to escape it so that it gets translated by the system into a username? Any help would be greatly appreciated.

    Read the article

  • Group Policy - Published software not upgrading

    - by VokinLoksar
    I'm testing this with mercurial MSIs, but it's the same for other packages. I've created a new group policy and added an old version of mercurial to User software installation as a Published package. On a Windows 7 client I install the package through Programs and Features. The installation works fine. Now, I would like to publish an updated version of mercurial. I create a new Published package. Under 'Upgrades' I configure it to replace (upgrade also doesn't work) the old version and mark this upgrade as 'Required'. The old package is not removed. The Windows 7 client is then restarted. When I log back in, I see a status message saying something like 'Removing managed software Mercurial ...'. There is no message about installation of the upgrade. If I look in Programs and Features, I can see the new version of mercurial listed. However, the actual mercurial directory under Program Files is missing. It's as though the installation recorded information about the MSI, but didn't actually install anything after removing the old version. As I mentioned, this isn't specific to mercurial. I've tried using other apps and have yet to find one that can be upgraded via a Published package. Using Assigned packages in Computer Configuration works without problems, but I would like this software to be optional rather than required. Ideas?

    Read the article

  • AD User Passwords expiring without any notifications?

    - by scooter133
    We setup password Policies in Active Directory to Expire peoples passwords after so many days. Well it looks like the time has come for the Expiration of the Passwords and people are getting locked out... There has been no warning of user passwords about to expire. They just come in to work and they cannot log in, the phones no longer connect, nothing. Reset the password and all is good. Some of the users are locked out, though most are not, they just cannot log in. On setting the password Expiration, I didn't see anything about nor warning the users of the impending expiration. Seems like it used to warn you 15 days or so before it would expire. Clients range from: WinXP, WinVista, Win7 and Server 2008R2 Remote Desktop Services. How can I make sure my users are warned of the Expiration? Resultant Set of Policy for User that was not prompted: Account Policies/Password Policy Policy Setting Winning GPO Enforce password history 10 passwords remembered Default Domain Policy Maximum password age 270 days Default Domain Policy Minimum password age 0 days Default Domain Policy Minimum password length 4 characters Default Domain Policy Password must meet complexity requirements Disabled Default Domain Policy Store passwords using reversible encryption Disabled Default Domain Policy Account Policies/Account Lockout Policy Policy Setting Winning GPO Account lockout duration 20 minutes Default Domain Policy Account lockout threshold 5 invalid logon attempts Default Domain Policy Reset account lockout counter after 15 minutes Default Domain Policy Local Policies/Audit Policy Policy Setting Winning GPO Audit account logon events Failure Default Domain Policy Audit account management Success, Failure Default Domain Policy Audit directory service access Success, Failure Default Domain Policy Audit logon events Failure Default Domain Policy Audit policy change Success, Failure Default Domain Policy Audit privilege use Failure Default Domain Policy Local Policies/Security Options Interactive Logon Policy Setting Winning GPO Interactive logon: Prompt user to change password before expiration 7 days Default Domain Policy

    Read the article

  • Oracle Enterprise Taxation and Policy Management Self Service v1.0 is Now Available

    - by user722699
    New tax product - Oracle Enterprise Taxation Policy Management Self Service is now available. The solution provides tax and revenue authorities with a single citizen portal – powered by Oracle Policy Automation for Public Sector, Oracle WebCenter, Oracle Application Development Framework and Oracle SOA Suite – that can integrate across multiple tax types and tax processing systems. Oracle Enterprise Taxation and Policy Management Self Service enables tax and revenue authorities to quickly provide more taxpayer services online – such as the ability to make payments, contact the tax agency with questions and requests or receive self-guided automated assistance with policies and tax law.  Tax and revenue authorities can implement Oracle Enterprise Taxation and Policy Management Self Service – an out-of-the-box solution – quickly and easily, and lower the cost of taxpayer service operations by promoting a broader set of taxpayer self service features.  Resources: ·         Datasheet: http://www.oracle.com/us/industries/public-sector/ent-taxation-policy-service-ds-1873518.pdf ·         Documentation: http://docs.oracle.com/cd/E38189_01/index.htm ·    

    Read the article

  • IE8 and P3P problems again,

    - by MSolution
    Have been browsing across the net, and seems everyone who got into this mess, really slogged to get out of it,... and now my turn! http://stackoverflow.com/questions/999534/ie-p3p-iframe-and-blocked-cookies-works-until-page-host-page-has-personal-info been reading alot, and i have a very simple p3p policy here: http: // bit.ly/cCyGi5 and corresponding P3P compact policy: P3P: CP="COM DEM INT NAV OTC PRE PUR STA NOI DSP COR ADMi DEVi OUR BUS" I have validated my P3P policy via the validator at w3c, I have tried "privacy bird" IE extension, and it says my P3P.xml matches with my privacy settings, and has no conflict, my compact policy matches with my P3P policy, coz some where i read IE7 matches the two!!! If i lower my privacy settings in IE, the cookies get restricted, and if i further lower it to allow all, it gets thru, so it is my P3P compact policy the coz, and needs fixing. If someone can guide me in the right direction, or if i can hire someone for an hour or two to look into it. M.

    Read the article

  • Is there a debian/ubuntu policy on softlinking things to another location in opt once they're installed?

    - by AbrahamVanHelpsing
    Is there a debian/ubuntu policy on softlinking things to another location in opt once they're installed properly in usr/share or usr/lib? Here's a simple example: Packaging up dnsenum. It's a REALLY simple package (4 files). A perl script, two wordlists, and a readme. So from what I gather: The wordlists should go in usr/share/dnsenum/* The perl script itself would go in usr/lib/dnsenum/ The readme would go in usr/share/doc/dnsenum/ Add a wrapper bash script that goes in bin and just passes arguments to dnsenum.pl. The question is this: If there are various tools that provide wordlists or some other shared resource, is there a policy on linking all the wordlists from different packages in to /opt/wordlists/ ? It seems like the "right" thing to do respecting the directory structure while still making things convenient.

    Read the article

  • Flash doesn't connect to socket even though policy allows it

    - by Bart van Heukelom
    In my Flash app, I'm connecting to my server like this: Security.loadPolicyFile("xmlsocket://example.com:12860"); socket = new Socket("example.com", 12869); socket.writeByte(...); ... socket.flush(); At port 12860 I'm running a socket policy server, which (according to this document) correctly serves up my policy like this: 00000000 3c 70 6f 6c 69 63 79 2d 66 69 6c 65 2d 72 65 71 <policy- file-req 00000010 75 65 73 74 2f 3e 00 uest/>. 00000000 3c 63 72 6f 73 73 2d 64 6f 6d 61 69 6e 2d 70 6f <cross-d omain-po 00000010 6c 69 63 79 3e 3c 73 69 74 65 2d 63 6f 6e 74 72 licy><si te-contr 00000020 6f 6c 20 70 65 72 6d 69 74 74 65 64 2d 63 72 6f ol permi tted-cro 00000030 73 73 2d 64 6f 6d 61 69 6e 2d 70 6f 6c 69 63 69 ss-domai n-polici 00000040 65 73 3d 22 6d 61 73 74 65 72 2d 6f 6e 6c 79 22 es="mast er-only" 00000050 20 2f 3e 3c 61 6c 6c 6f 77 2d 61 63 63 65 73 73 /><allo w-access 00000060 2d 66 72 6f 6d 20 64 6f 6d 61 69 6e 3d 22 2a 22 -from do main="*" 00000070 20 74 6f 2d 70 6f 72 74 73 3d 22 31 32 38 36 39 to-port s="12869 00000080 22 20 2f 3e 3c 2f 63 72 6f 73 73 2d 64 6f 6d 61 " /></cr oss-doma 00000090 69 6e 2d 70 6f 6c 69 63 79 3e 00 in-polic y>. I get no security warnings, which I used to get before the policy server was in place. Still, the connection to port 12869 doesn't work. It's made (I can see with Wireshark and on the server), but no data is sent by Flash. It might be worth knowing that the SWF itself is served from example.com as well.

    Read the article

  • Reading Local Group Policy / Active Directory Settings

    - by Shinobi
    I'm writing a C# program that will enforce password complexity in accordance with the Windows Group Policy setting "Password must meet complexity requirements". Specifically, if that policy is set to Enabled either on the local machine (if it's not part of a domain) or by the Domain Security Policy (for domain members), then my software needs to enforce a complex password for its own internal security. The issue is that I can't figure out how to read that GPO setting. Google searches have indicated that I can read GPO settings with one of these two APIs: the System.DirectoryServices library in .NET Framework, and Windows Management Instrumentation (WMI), but I haven't had any success so far. Any insights would be helpful.

    Read the article

  • Group Policy error 1006 with and error code 52

    - by Bernesto
    I have a hyper-v cluster operating on win2k8 R2 in a 2003 forest. These servers are at our NOC with a DC that connects to our PDC at HQ via a persistent VPN. The cluster boxes are reporting a error event ID 1006 shown below. The DC is also reporting an error 5805 also shown below. I have found numorus posts regarding 1006 errors, but none for error ID 52's. It's weird, I can ping and I can browse network shares on the DC from each. I thought maybe a DNS or net work issue, but nslook up works too. Event 1006 <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" /> <EventID>1006</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>1</Opcode> <Keywords>0x8000000000000000</Keywords> <TimeCreated SystemTime="2013-12-17T00:08:19.582292600Z" /> <EventRecordID>41808</EventRecordID> <Correlation ActivityID="{26B10592-6228-4A3E-845B-E04B49702A54}" /> <Execution ProcessID="964" ThreadID="1384" /> <Channel>System</Channel> <Computer>NEOREEFVH1.neoreef.com</Computer> <Security UserID="S-1-5-18" /> </System> <EventData> <Data Name="SupportInfo1">1</Data> <Data Name="SupportInfo2">5012</Data> <Data Name="ProcessingMode">0</Data> <Data Name="ProcessingTimeInMilliseconds">1138</Data> <Data Name="ErrorCode">52</Data> <Data Name="ErrorDescription">Unavailable</Data> <Data Name="DCName" /> </EventData> </Event> Event 5805 Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5805 Date: 12/16/2013 Time: 2:32:01 PM User: N/A Computer: NEOREEFSRV15 Description: The session setup from the computer NEOREEFVH3 failed to authenticate. The following error occurred: Access is denied. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 22 00 00 c0 "..À Here are the networks on the hosts: Any with a "Enabled" Are virtual switches.

    Read the article

  • Windows 2008 Group Policy Setting? - Migration Headache

    - by DevNULL
    I have a small domain of users that I just migrated from a linux domain running open-ldap. Our new servers are running Windows 2008 Standard. I've installed Active Directory and everything is working perfectly... except that the initial user privileges is pretty restrictive and I need to loosen it up a bit. For example once they login to their workstations, they can create new files and folders but can not modify existing files or start. I basically want to open it all up except for software installations. Can someone please help with with this migration headache?

    Read the article

  • Printer deployment via Group Policy not working on a single system

    - by Aron Rotteveel
    One of my coworkers just got a new laptop running Windows 7 Pro x64. We use a GPO to deploy the printers to every system, but for some reason it is not working on this system. I have been breaking my head over this for the past 3 hours now without any result. The strange thing is that gpresult /H seems to indicate that the GPO did run. The hardware: Laptop: Windows 7 Professional x64 Print server: Windows Server 2008 x64 R1 HP Color LaserJet 2605dn HP LaserJet P2015 Driver packages on server: HP universal printer driver PCL5, both X86 as X64 Oddities and other info: GPO working flawlessly on every other system, including my own Windows 7 Ultimate X64 laptop gpresult /H shows the GPO being ran Windows Firewall completely disabled on the new laptop Below is the output for gpresult /H (in Dutch sadly, but I think you'll recognize it): Beleidsregels Windows-instellingen Printerverbindingen Pad Dominerend groepsbeleidsobject \\Server2008\HP Color LaserJet 2605dn Printers \\Server2008\HP LaserJet P2015 Printers Beheersjablonen Beleidsdefinities (ADMX-bestanden) opgehaald van de lokale computer. Configuratiescherm/Printers Beleid Instelling Dominerend groepsbeleidsobject Beperkingen van point-and-print Uitgeschakeld Printers Like I said, I have been trying to figure this out for the past few hours or so without any result, so you are my last hope. Any help is appreciated.

    Read the article

  • Group policy not applying to security group

    - by ihavenoideawhatimdoing
    Preface: I have enough privileges to create GPOs in my OU, and have made a few of them for some simple tasks (like deploying a printer to certain users). Not actually a sysadmin...I'm a developer who is winging it. I wanted to create a GPO that would set a mapped folder for a certain security group (which I recently created and that contains only myself). Did the following: Created the GPO in MyOU - Users Removed the default Authenticted Users under Security Filtering Add the security group with my account to Security Filtering Set up the mapping via the User Configuration option Changed GPO Status to "Computer configuration settings disabled" Left WMI filtering to Closed the GPO at this point... Logged in as the target user; ran gpupdate /force Logged out, logged in, ran gpresult /r, no mention of my GPO Rebooted Logged in, re-ran gpupdate /force Logged out, logged in, ran gpresult /r, still no mention of my GPO If I log in with another completely different user, their RSOP information shows that the new GPO is being ignored due to a security restriction, so it appears to be "working" for other users. I just can't get it to actually show up in RSOP for the user it should be working. Is there anything else I can do short of rebooting endlessly and crossing my fingers?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >