Home > Developer > Windows

How to apply a local policy in workgroup settings to all users except administrators on Windows Server 2000

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Document directory
  • Content of this task
  • Apply Local Policies to all users other than Administrators
  • Restore the original local policy
  • The information in this article applies:

Applicable

Content of this task
  • Summary
    • Apply Local Policies to all users other than Administrators
    • Restore the original local policy

Summary

This article describes how to apply a local policy to all users other than the Administrator on a computer based on Windows 2000 that uses workgroup settings.

When you are using a computer that is based on Windows 2000 Professional or Windows 2000 Server and uses workgroup settings rather than domain settings, you may need to implement local policies on the computer, these policies can be applied to all users on the computer, but not administrators. This exclusion allows the Administrator to have unlimited access and control permissions on the computer, and allows the Administrator to restrict users who can log on to the computer.

For a Member Server Based on Windows 2000 Professional or Windows 2000, you must use the workgroup settings so that this process takes effect. In this case, the domain policy cannot overwrite the local policy because there is no Domain Policy. We recommend that you create backup copies for all edited files.

Back to the top

Apply Local Policies to all users other than Administrators

To implement local policies for all users other than administrators, follow these steps:

  1. Log on to the computer as an administrator.
  2. Open Local Security Policy: ClickStart,RunAnd then type:Gpedit. MSC, Or clickStart,Run, Type:MMCAnd then load the Local Security Policy. If you deleteRunThe command is one of the policies to be implemented. We recommend that you edit the policy on the Microsoft Console (MMC) and save the result as an icon. In this way, you do not need to open the policy again.RunCommand. Open the policy and expandUser Configuration, And then expandManage templates.
  3. Enable any desired policy (for example, "Hide network neighbors" or "Hide Internet Explorer icon on the desktop ).

    Remarks: Be sure to select the correct policy. Otherwise, the Administrator may be limited to the ability to log on to the computer and complete the necessary steps required to configure the computer. We recommend that you record the changes (you can also use this information in step 1 ).

  4. Disable the gpedit. msc "Group Policy" snap-in, or, if you use MMC, save the console as an icon for later access and then log out from the computer.
  5. Log on to the computer as an administrator. You will notice the previous policy changes in this logon session, because by default, local policies are applied to all users, including administrators.
  6. Log out from the computer and log on to the computer as all other users (you want to apply these policies to them. The system implements local policies for all these users and administrators.

    Remarks: The system cannot implement a local policy to any user account that has not logged on to the computer at this step.

  7. Log on to the computer as an administrator.
  8. ClickStart,Set,Control PanelAnd double-clickFolder Options. ClickViewTab, click"Show hidden files and folders"Option, and then clickOKIn this way, you can view the "Group Policy" to hide the folder. Alternatively, open "Windows Resource Manager" and clickToolsAnd then clickFolder OptionsTo access these settings.
  9. Copy the Registry. Pol file in the % SystemRoot % \ system32 \ grouppolicy \ User \ REGISTRY. Pol folder to the backup location (for example, another hard disk, floppy disk, or folder ).
  10. Use the gpedit. msc "Group Policy" snap-in or the MMC console icon to enable the local policy again, and then enable the feature that is actually disabled in the original policy created for the computer.

    Remarks: When you perform this operation, the Policy Editor creates a new registry. Pol file.

  11. Close the Policy Editor and copy the backup registry. Pol File Created in step 1 Back To The % SystemRoot % \ system32 \ grouppolicy \ user folder.

    When the system prompts whether to replace the existing file, clickYes.

  12. Log out of the computer and log on to the computer as an administrator. You will notice that the system has not implemented the initial changes to you because you have logged on to the computer as an administrator.
  13. Log out of the computer and log on to the computer as another user (or multiple other users. You will notice that the system has implemented the initial changes to you because you have logged on to the computer as a user rather than an administrator.
  14. Log on to the computer as an administrator to verify that the local policy does not affect your use of the computer as a local administrator.

Back to the top

Restore the original local policy

To cancel the preceding process, follow these steps:

  1. Log on to the computer as an administrator.
  2. ClickStart,Set,Control PanelAnd double-clickFolder Options. ClickViewTab, click"Show Hidden file files and folders"Option, and then clickOKIn this way, you can view the "Group Policy" to hide the folder. Alternatively, open "Windows Resource Manager" and clickToolsAnd then clickFolder Options.
  3. Move, rename, or delete the Registry. Pol file in the % SystemRoot % \ system32 \ grouppolicy \ user folder. After you log out of your computer or restart your computer, the Windows File Protection system creates another default registry. Pol file.
  4. Open local policy: ClickStart,RunAnd then type:Gpedit. MSC, Or clickStart,Run, Type:MMCAnd then load the Local Security Policy. Then, set all items that have been set to "Disable" or "enable" to "not configured" (not configured) to cancel the registry. any policy changes specified by the pol file to the Windows 2000 registry.
  5. Log out of the computer as an administrator and log on to the computer as an administrator.
  6. Log out from the computer and log on to the computer as all the users on the local computer, so that the changes can also be revoked for the accounts of these users.

Back to the top information in this article applies:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Professional
Latest updates: (2.1)
Keywords: Kbenv kbhowtomaster kb293655 kbauditpro

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
how to check all users in linux how to list all users in linux how to run windows 2000 on windows 10 how to apply sticky bit in linux how to apply css in php how to apply session in php how to apply theme in wordpress
Related Article
How to remove bootcamp Windows partition in Mac dual system
Windows Server 2016-active Directory Domain Services Port rollup
Windows Server 2003 key
Using word to convert a PDF file to a DOC file

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More