« previous next »
Pages: [1]

Author Topic: Local Security Policy  (Read 2630 times)

Hal

  • Guest
Local Security Policy
« on: July 22, 2004, 02:13:38 PM »
I currently have three computers networked together.  Computer "A" is the main computer.  I only want computer "B" to access the files from computer "A".  However when I network them, ALL three computes can access files from each other.  I want to impose a restriction.  I go into the Local Security Settings, and remove "Everyone"  and try to only put computer "A" as one of the "Access This Computer From The Network"  I am able to find computer "B" through location and find, but when I add the computer, and click ok.  I get an error message, "Failed to Save Local Policy Database"
Am I going about this all wrong?
Logged

Gareth.de

  • Guest
Local Security Policy
« Reply #1 on: August 06, 2004, 10:02:22 AM »
Hi

I just had this problem this afternoon with a new image for some college machines. I could add users on the old image but not on the new one. After looking around the net and not being able to find *any* help on the subject, the situation was a little desperate.

However, after comparing the security settings on both images I found some differences. I suspect some latest security patches have changed some settings (the old image is missing a few patches while the new one is bang up to date), but I changed 2 settings to match the old image and it then worked:

•   Open Control Panel.
•   Open “Computer management”.
•   Make sure the following are *disabled*:
   Domain member: Digitally encrypt or sign secure channel data (always)
   Domain member: Digitally sign secure channel data (when possible)

I hope this helps someone out there.
Logged

Guest

  • Guest
Local Security Policy
« Reply #2 on: August 06, 2004, 10:05:37 AM »
[quote name=\'Gareth.de\' date=\'Aug 6 2004, 09:02 AM\']•   Open Control Panel.
•   Open “Computer management”.
•   Make sure the following are *disabled*:
   Domain member: Digitally encrypt or sign secure channel data (always)
   Domain member: Digitally sign secure channel data (when possible)[/quote]
 Sorry, it's obviously time for me to get home as I made a mistake there. Here's the true solution.

•   Open Control Panel.
•   Open “Local security policy”.
•   Open “Local policies”.
•   Open “Security options”.
•   Make sure the following are *disabled*:
Domain member: Digitally encrypt or sign secure channel data (always)
Domain member: Digitally sign secure channel data (when possible)

And I'm off home!!
Logged
Pages: [1]
« previous next »