Host and expert introduction guide_wendy_ms: Let's welcome this afternoon's expert: MVP Yan Weifeng vfanyan [MVP]: Hello, everyone. I'm Yan Weifeng guide_wendy_ms. The Chat officially started, you can freely ask: vfanyan [MVP]: Today's content is about Windows 2000 group policies. vfanyan [MVP]: Let's get started with any questions! Q: Why is my group policy not "Folder Redirection? [A]: on the console menu, click Add/delete snap-in. Add a group policy management unit. Click default domain policy. Expand the user configuration branch. Expand Windows Settings branch. Expand the folder redirect branch, right-click my documents, and then click Properties. Click basic. [Q] vfanyan, how do I define policies for other users if I am just an independent windows2000professional ?? Can it be implemented ?? If he is not allowed to run the control panel. [A]: Control Panel, management tools, and setting [Q] joy_mvp in the Local Security Policy: how to prevent clients from installing any program [a] we have discussed before, it is better to use user groups to implement group policies than to use group policies. [Q] How do I use group policies under 98? [A] use the Policy Editor in nt40 Resource Kit to generate the register. Pol file and place it in the netlogon shared folder of DC. 98 when the client logs on to the domain assignment, the application broadcasts to the user the next time the user logs on to the workstation. at the time of release, the application is not displayed as installing [Q] on a computer with mourning how to upgrade the software with group policies ??? [A] It can be implemented through the MST package. for more information, see [Q] qisheng_zhu_mvp: The execution sequence of group policies is [a] local, site, domain, ou [Q] Yang: what software is used for the MSI installation package, which is convenient and simple ?? [A] There is a software in CD. Can do, please see: http://support.microsoft.com/default.aspx? SCID = KB; en-US; 257718 [Q] Fanfan: What happened to kerbos authentication in Windows2000? [A] kerbos refers to the three eyes in the myth of xila. It leads the way to heaven. In Windows, it is like this. In Windows, it is mainly composed of KDC, key and other components [Q] Fanfan: How to Implement kerbos? What is the difference with traditional NT authentication? The specific technical details and processes are as follows. the ticket Authorization Service of the user request domain 2. through Kerberos on the computer, the as exchange between the SPP and the KDC of the user domain is completed at the same time. 3. the user requests the computer's ticket 4. user requests to access the local system service on the computer [Q] joy_mvp: what is the error 1000, 1001 [a] If you assign inappropriate permissions to the % SystemRoot % \ winnt \ sysvol folder or assign inappropriate components to "Skip traversal check user privilege assignment", this problem may occur. In addition, this problem also occurs if the sysvol share permission is too restrictive. To solve this problem: Set folder security permissions. In Windows Resource Manager, right-click the % SystemRoot % \ winnt \ sysvol folder and click Properties. On the Security tab, remove the "allow inherited permissions from parent to this object" check box and make sure that the security settings match the following: Administrators: full control of authenticated users: read, read, execute, and list folder content Creator Owner: do not select any items Server Operators: Read, read, execute, and list folder Content System: full control click OK. Right-click the % SystemRoot % \ winnt \ sysvol folder and click Properties. On the Security tab, select the "allow inheritance permissions from parent to this object" check box and click OK. Right-click % SystemRoot % \ winnt \ sysvol \ domain: folder and click Properties. On the Security tab, remove the "allow inherited permissions from parent to this object" check box and make sure that the security settings match the following: Administrators: full control of authenticated users: read, read, and execute and list folder content Creator Owner: do not select any Group Policy creator owners: Read, read and execute, list folder content, modify and write to server operators: read, read, execute, and list folder Content System: Click OK for full control. If not, check again: % SystemRoot % \ winnt \ sysvol \ domain \ policies. [Q] mengmengbug: Does the root time server in the domain need to be configured with an external time service address? [A] No, unless your business has strict time requirements [Q] Fanfan: my machine files cannot be shared with others [a] for many reasons. First, do you allow others to access your files in the network attribute? [Q] My Local Security Policy of the domain controller cannot be accessed. I tried to create a new security policy database, but cannot create a new security policy database. The original Security Policy Database rejects access, I think it is for this reason that I must set the account password with high complexity. Otherwise, I cannot update the password or add users, I have disabled the complexity of the security password policy for the domain. which expert can help me solve this problem ,?? What is the error? [Q] Fanfan: If you click "right", you cannot select "sharing... [A]. Do you want to check whether your network attributes allow others to access your files? [Q] Xiao Xin: what is the use of the time service? I stopped the time service on the server [A]. This is not good. time Server is used in many cases, such as Ad replication. [Q] mengmengbug: Is there any way for the domain controller to stop searching for other time servers? [A] What time did you find the server? [Q] Xiao Xin: Do I need to enable the time service? [A] That's a positive [a] problem. What error does the system report? [Q] Sorry: my problem now is that the password complexity policy is used by the system, but I cannot change this policy now, because the local security policy cannot be opened [a] Is it ad? [Q] failed: the error is that Windows cannot open the local policy database. The database you are trying to open does not exist. [a] If any of the following folders is lost, this problem occurs: % SystemRoot % \ sysvol \ domainname \ Policies \ {guid} % SystemRoot % \ sysvol \ sysvol \ domainname \ POL in Microsoft Management Console (MMC) start the "Active Directory users and computers" Management Unit. In the View menu, click Advanced functions. Click the plus sign (+) next to the system folder ). Click the plus sign (+) next to the policy folder ). The GUID of GPO is listed by folder. Start ldp.exe from the support \ reskit \ netmgmt \ dstool folder of the retail Windows 2000 CD-ROM. On the connection menu, click Connect. Enter the server name, confirm that the port is set to 389, click the connectionless check box, and then click OK. Once the connection is complete, the data of the specific server is displayed in the right pane. On the connection menu, click bind. Enter the username and password in the corresponding box? [Q] Black hurricane: How can I back up the ad and group policies of win2000server after I reinstall the server? [A] Back up the corresponding file, reload it, and connect it. Black hurricane: how to back up system status data? Thank you! [A] attachment, backup tool. Conclusion guide_wendy_ms: our chat is coming to an end. Thank you for your enthusiastic participation. Please pay attention to the online chat with experts at the same time next week. Thank you! Vfanyan [MVP]: Today's seminar is over!
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.