[gptalk] Re: How to Apply Policy for system in workgroup or standalone
- From: "Ranjan Babu .G" <ranjan.ganesh@xxxxxxxxxx>
- To: <gptalk@xxxxxxxxxxxxx>
- Date: Tue, 1 May 2007 11:32:51 +0530
Hi Alan Cuthbertson,
Very useful.
Is there is any way to open Local policy of remote system ( 2000 ,2003
servers)in workgroup .In the senior if I have common admin username /password
across the workgroup ?.Same way how to take report of all system in WG
If you have any script for this please help.
* Do you want to do different things on different machines?
Yes, We have different application (Application ,SQL ,IIS
Servers) running on 2000 and 2003 environment
* Can you easily visit each machine
Hope ,But nearly 50 can not. We can not reboot the system most of time.
* How much effort are you willing to put in up front
Ready to put effort .If you guide me I can do it fast.
As of now I created script to adding registry keys and setting security based
on CIS recommendation for system context.
Regards,
Ranjan
gptalk] Re: How to Apply Policy for system in workgroup or standalone
* From: "Alan & Margaret" <syspro@xxxxxxxxxxxxxxxx>
* To: <gptalk@xxxxxxxxxxxxx>
* Date: Mon, 30 Apr 2007 22:28:52 +1000
Hi Ranjan,
It’s a long time since I have worked in a non-domain area, but I suspect the
answer depends on several things such as:-
* Do you trust the user to not try and circumvent what you are doing
* Do you want to do different things on different machines
* Can you easily visit each machine
* How much effort are you willing to put in up front
Probably the easiest way is to write a script that runs from the startup
folder. However, if you want to go beyond just adding registry keys and setting
security, using Local Group Policy may be the go, but it is rather tedious
manually running Local Group Policy on each machines. You can write code to
configure Local Group Policy, but that is a lot of up front work. You mention
ADM files. They are really a component within Local Group Policy and so are not
really relevant.
If you are setting security, you may need to run it in the Machine context
rather than the user context. This means that you need to run the script at
machine start time not logon time. This can be done from Local Group Policy,
but requires some programming work unless you manually set it up on each
machine.
Hope that helps…
Alan Cuthbertson
-----Original Message-----
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Ranjan Babu .G
Sent: Monday, 30 April 2007 3:25 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] How to Apply Policy for system in workgroup or standalone
Hello Everyone ,
Our Client having 100 + server in workgroup (Mixed OS 2000 and 2003 Servers)
and would like to apply policy (As per CIS benchmark )using any method .And
also need to add additional registry entry and secure the permission for
registry key.
I want know in which is best method to apply poliocy ? .
Using Script/ Local POlicy editor/ADM file ?
And how to proceed and looking forward to hearing from you.
Type of servers in workgroup.
1.Applictaion Server
2.Web Server
3.SQL DB server
Regards,
Ranjan
Other related posts:
