Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Policy on NT PDC restricts Desktop on 2000 Pro

Status
Not open for further replies.
cgreen1977

cgreen1977

Technical User
Jul 17, 2002
13
0
0
US
We have an NT PDC server on out network. We have a few 2000 Servers, none of which are PDC's or BDC's. None of the 2000 Servers are logged into by users, they are purefully for apps that must run on 2k. We have just started using 2000 Professional on out workstation. Whenever a 2k Pro workstation logs into our PDC, the user gets restriced access to control panel and no software installation rights. Even logging into the network as a administrator doesn't work. I confess I know zip about Policys other then their function as we don't use them on our network. I have done a search on the PDC for anything *.pol and found nothing. What could specifically be targeting the 2000 Pro stations?
 
Sort by date Sort by votes
All policies (especially if they are doing this automatically) should be in the NetLogon share of the Domain Controllers. Check under %systemroot%\system32\repl\import\scripts for an "NTConfig.pol", as this is the only one that can automatically take effect when a workstation joins a domain. Anything else must be manually configured (through registry entries - which can obviously be scripted etc).

You should be able to edit the .pol file with the Policy Editor (poledit.exe).

If it isn't there, then something very fishy going on. Load the Policy editor onto the workstation, open it and then choose "Open Registry." That will show you the current restrictions in effect. You need to be in as an Admin to run this properly.

Let me know the outcome of these... Cheers,
Sam

Please let members know if you found their posts helpful.
 
Upvote 0 Downvote
Sam,

There are no pol files in the netlogon directory. That would just be too easy :p I will give the second suggestion about loading poledit locally a try.
 
Upvote 0 Downvote
Are there any messages logged in Event Viewer on the Windows2000 Pro workstations?
 
Upvote 0 Downvote
try creating an ntconfig.pol file and putting it on the nt pdc, and set no restrictions.

HTH Marc Turner
Network Manager

E-Mail: Mturner@turnerm3.fsnet.co.uk
 
Upvote 0 Downvote
I have a question did you join the domain with the 2k pro workstation?

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Question
Server Remote Desktop License
Replies
0
Views
106
MaioMaio
MaioMaio
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
94
DTGMI
DTGMI
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
84
DrB0b
DrB0b
James281
  • Locked
  • Question
Enrolment agent (enrol on behalf of) stopped working
Replies
1
Views
62
mikehook
mikehook
ravalos
  • Question
Problem with PDFs in IIS
Replies
1
Views
250
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top