Hi Alan Cuthbertson, Very useful. Is there is any way to open Local policy of remote system ( 2000 ,2003 servers)in workgroup .In the senior if I have common admin username /password across the workgroup ?.Same way how to take report of all system in WG If you have any script for this please help. * Do you want to do different things on different machines? Yes, We have different application (Application ,SQL ,IIS Servers) running on 2000 and 2003 environment * Can you easily visit each machine Hope ,But nearly 50 can not. We can not reboot the system most of time. * How much effort are you willing to put in up front Ready to put effort .If you guide me I can do it fast. As of now I created script to adding registry keys and setting security based on CIS recommendation for system context. Regards, Ranjan gptalk] Re: How to Apply Policy for system in workgroup or standalone * From: "Alan & Margaret" <syspro@xxxxxxxxxxxxxxxx> * To: <gptalk@xxxxxxxxxxxxx> * Date: Mon, 30 Apr 2007 22:28:52 +1000 Hi Ranjan, It’s a long time since I have worked in a non-domain area, but I suspect the answer depends on several things such as:- * Do you trust the user to not try and circumvent what you are doing * Do you want to do different things on different machines * Can you easily visit each machine * How much effort are you willing to put in up front Probably the easiest way is to write a script that runs from the startup folder. However, if you want to go beyond just adding registry keys and setting security, using Local Group Policy may be the go, but it is rather tedious manually running Local Group Policy on each machines. You can write code to configure Local Group Policy, but that is a lot of up front work. You mention ADM files. They are really a component within Local Group Policy and so are not really relevant. If you are setting security, you may need to run it in the Machine context rather than the user context. This means that you need to run the script at machine start time not logon time. This can be done from Local Group Policy, but requires some programming work unless you manually set it up on each machine. Hope that helps… Alan Cuthbertson -----Original Message----- From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Ranjan Babu .G Sent: Monday, 30 April 2007 3:25 PM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] How to Apply Policy for system in workgroup or standalone Hello Everyone , Our Client having 100 + server in workgroup (Mixed OS 2000 and 2003 Servers) and would like to apply policy (As per CIS benchmark )using any method .And also need to add additional registry entry and secure the permission for registry key. I want know in which is best method to apply poliocy ? . Using Script/ Local POlicy editor/ADM file ? And how to proceed and looking forward to hearing from you. Type of servers in workgroup. 1.Applictaion Server 2.Web Server 3.SQL DB server Regards, Ranjan