+1 on the book. Own it. Love it. Do you get his e-mails too? He's a funny guy...
Dave From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, October 13, 2011 9:04 AM To: NT System Admin Issues Subject: RE: Has anyone tried to add a local account on a server to a restrictive Group via GPO? Yeah, Only way to keep the folks honest to tell you the truth. Jeremy Moskowitz GPO book is helping out a lot. ( Good refresher) Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 [cid:image001.jpg@01CC898A.295E2670] From: David Lum [mailto:david....@nwea.org]<mailto:[mailto:david....@nwea.org]> Sent: Thursday, October 13, 2011 9:41 AM To: NT System Admin Issues Subject: RE: Has anyone tried to add a local account on a server to a restrictive Group via GPO? I do exactly this, it's awesome. From: Ziots, Edward [mailto:ezi...@lifespan.org]<mailto:[mailto:ezi...@lifespan.org]> Sent: Thursday, October 13, 2011 5:37 AM To: NT System Admin Issues Subject: RE: Has anyone tried to add a local account on a server to a restrictive Group via GPO? I will take a look at it today, going to test out my GPO's before putting them on the production system. Kinda why I tell folks not to use local accounts, but sometimes stuff sneaks through and its typically vendor related. Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 [cid:image001.jpg@01CC898A.295E2670] From: Christopher Bodnar [mailto:christopher_bod...@glic.com]<mailto:[mailto:christopher_bod...@glic.com]> Sent: Wednesday, October 12, 2011 4:42 PM To: NT System Admin Issues Subject: Re: Has anyone tried to add a local account on a server to a restrictive Group via GPO? Have you seen this? http://social.technet.microsoft.com/Forums/en-US/winserverGP/thread/64d9a801-5281-487c-8d14-1b092c0dffcf/ It looks like you should be able to do this through GPO Restricted Groups, or using Preferences. Chris Bodnar, MCSE, MCITP Technical Support III Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com<mailto:christopher_bod...@glic.com> Phone: 610-807-6459 Fax: 610-807-6003 From: "Ziots, Edward" <ezi...@lifespan.org<mailto:ezi...@lifespan.org>> To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>> Date: 10/12/2011 03:38 PM Subject: Has anyone tried to add a local account on a server to a restrictive Group via GPO? ________________________________ Trying to add a local user to a restrictive groups GPO ( its on the server for an application) I am wondering if that can even be done ( unless you modify the GPO from the server that has the local account in question) As for the local account ( silly Healthcare application, don't ask long story about inability on vendors part to set proper DCOM permissions) Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
<<inline: image001.jpg>>