/build/static/layout/Breadcrumb_cap_w.png

Add user to secpol.msc

Does anyone have some VBScript that will allow you to add a user or a group to a setting within Secpol.mcs? I need to to manipulate the Local Policy\User Rights Assignment.

Thanks.

0 Comments   [ + ] Show comments

Answers (8)

Posted by: Tone 11 years ago
Second Degree Blue Belt
0
you could use secedit to import a template..
Posted by: mhsl808 11 years ago
Fifth Degree Brown Belt
0
If I import a template will it not get overwritten the next time a user logs in and gets a new policy from AD?
Posted by: jmcfadyen 11 years ago
5th Degree Black Belt
0
there is a tool in the resource kit called NTRIGHTS.EXE

it will do what you want.
Posted by: mhsl808 11 years ago
Fifth Degree Brown Belt
0
Thank you but NTRIGHS.TXT does not seem to handle adding a "domain group" to "Impersonate a Client After Authentication"
Posted by: Tone 11 years ago
Second Degree Blue Belt
0
ORIGINAL: mhsl808

If I import a template will it not get overwritten the next time a user logs in and gets a new policy from AD?


not a 100% sure as I have never used it to apply User Rights Assignment, but should only take 10 minutes to test.
Posted by: jmcfadyen 11 years ago
5th Degree Black Belt
0
i have never had issues with this tool adding domain groups.

does not seem to handle adding a "domain group" to "Impersonate a Client After Authentication"


you never mentioned this in the first post nor does it make alot of sense to me ? what exactly are you trying to say here ?

after client auth could be interesting as your client will already have a token etc.

whos logging on, who needs auth ? what right are you trying to assign ? when does this need to be done ?

more detail please
Posted by: mhsl808 11 years ago
Fifth Degree Brown Belt
0
Hi. We have an application that requires "Domain\Domain Users" to be added to the "Impersonate a Client After Authentication" within the Secpol.msc. That is why I am asking for help on this and the sooner the better :-)

Thanks.
Posted by: mhsl808 11 years ago
Fifth Degree Brown Belt
0
Ntrights.txt does work for this privliage. I was running this on a remove machine and it did not work. As it turns out I did not have proper rights on the remove machine (although I was told I did). When I ran this on my local machine(s) it seems to work. I will test this some more.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ