/bundles/itninjaweb/img/Breadcrumb_cap_w.png
Does anyone have some VBScript that will allow you to add a user or a group to a setting within Secpol.mcs? I need to to manipulate the Local Policy\User Rights Assignment.

Thanks.
0 Comments   [ - ] Hide Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity

Answers

0
you could use secedit to import a template..
Answered 04/10/2009 by: Tone
Second Degree Blue Belt

Please log in to comment
0
If I import a template will it not get overwritten the next time a user logs in and gets a new policy from AD?
Answered 04/10/2009 by: mhsl808
Fifth Degree Brown Belt

Please log in to comment
0
there is a tool in the resource kit called NTRIGHTS.EXE

it will do what you want.
Answered 04/11/2009 by: jmcfadyen
Fifth Degree Black Belt

Please log in to comment
0
Thank you but NTRIGHS.TXT does not seem to handle adding a "domain group" to "Impersonate a Client After Authentication"
Answered 04/13/2009 by: mhsl808
Fifth Degree Brown Belt

Please log in to comment
0
ORIGINAL: mhsl808

If I import a template will it not get overwritten the next time a user logs in and gets a new policy from AD?


not a 100% sure as I have never used it to apply User Rights Assignment, but should only take 10 minutes to test.
Answered 04/13/2009 by: Tone
Second Degree Blue Belt

Please log in to comment
0
i have never had issues with this tool adding domain groups.

does not seem to handle adding a "domain group" to "Impersonate a Client After Authentication"


you never mentioned this in the first post nor does it make alot of sense to me ? what exactly are you trying to say here ?

after client auth could be interesting as your client will already have a token etc.

whos logging on, who needs auth ? what right are you trying to assign ? when does this need to be done ?

more detail please
Answered 04/13/2009 by: jmcfadyen
Fifth Degree Black Belt

Please log in to comment
0
Hi. We have an application that requires "Domain\Domain Users" to be added to the "Impersonate a Client After Authentication" within the Secpol.msc. That is why I am asking for help on this and the sooner the better :-)

Thanks.
Answered 04/14/2009 by: mhsl808
Fifth Degree Brown Belt

Please log in to comment
0
Ntrights.txt does work for this privliage. I was running this on a remove machine and it did not work. As it turns out I did not have proper rights on the remove machine (although I was told I did). When I ran this on my local machine(s) it seems to work. I will test this some more.
Answered 04/14/2009 by: mhsl808
Fifth Degree Brown Belt

Please log in to comment