local security policy

Situation :

Sophos anti-virus deployed on a few hundred workstations.
All workstations have an update account for the anti-virus product to 
login to edirectory to update itself.
This local user must have the right to logon as a service.
If I add this right to this user and reboot the workstation then after the 
reboot it still has this right. (Which is very logical :))

Now I install the zenworks management agent.
After a reboot the sophos user lost the right to logon as a service.

There are no user/workstation policies associated with the context of the 
edirectory user.
If I run wmsched I see no policies.
If I check in Console one the properties of the user or workstation and 
check the effective policies no policies are in effect.

In the past we experimented with group policies and enabled this. However 
we also disabled it again. I noticed in nwadmn32 that from this specific 
user & workstation policy some group policies still existed (These were 
the questionmark objects). I deleted them, just to make sure.

I am using one of the latest zenworks management agent (4.0.1.17)
We are using the zenworks 6 (4.0.1) suite without patches on a hp ml350 
netware 6 sp3 server.

I think it's the agent which gets somehow a policy from edirectory.
What to do next ?




0
john
2/24/2004 4:19:56 PM
novell.zenworks.4x.management 2122 articles. 0 followers. Follow

3 Replies
563 Views

Similar Articles

[PageSpeed] 46
Get it on Google Play
Get it on Apple App Store

john@nomorespamatall.po wrote:

> I think it's the agent which gets somehow a policy from edirectory.
> What to do next ?
The only thing I can think of would be a user policy which has DLU enabled.
If you view properties of the user -> zenworks tab -> effective policies. Is
there anything?

-- 
Jared L Jennings
Novell Support Forums SysOp.
0
Jared
2/24/2004 9:56:12 PM
No there is nothing.
But if you enable DLU and keep the profile on the workstation then there
should be no problem.

Anyone ?




"Jared L Jennings" <jaredljenningsNO@SPAMmyrealbox.com> wrote in message
news:0MP_b.1560$Mw6.179@prv-forum2.provo.novell.com...
> john@nomorespamatall.po wrote:
>
> > I think it's the agent which gets somehow a policy from edirectory.
> > What to do next ?
> The only thing I can think of would be a user policy which has DLU
enabled.
> If you view properties of the user -> zenworks tab -> effective policies.
Is
> there anything?
>
> -- 
> Jared L Jennings
> Novell Support Forums SysOp.


0
John
2/25/2004 3:06:29 PM
John wrote:

> But if you enable DLU and keep the profile on the workstation then there
> should be no problem.
True, but DLU controls the account and will give or take local rights away.

So, are we talking on the same channel?
-- 
Jared L Jennings
Novell Support Forums SysOp.
0
Jared
2/26/2004 4:28:05 AM
Reply:

Similar Artilces:

Turbopower Async Pro is blocked by Policy Local Cmpuer Policy\Windws Settings\Security Settings\Local Policies\User Right Assignment
If computers have set "Load and unload device drivers" in this key to Asministrators only, my program will not be able to connect an external device if I use tApdDataPacket for communication, but if I use tApdTerminal, everything works ok. Has anyone any idea what device drivers may be involved here when adding Users to the group, the program work properly ? Must be something that is loaded by the packet component? Is this driver something that could be preinstalled by installation program ? Onthe other hand, is it normal to do this restriction in policy? (the c...

Local Security Policies
Hi everybody, Anyone Knows how to change the Windows security policies from .NET code. Are there any .NET classes for doing it? Or is necessary use any Windows API? I would appreciatte some code example. I want to change the Local Security Policies (User Rights Assignments), for giving the ASPNET user, for "Act as part of operating system". This is for impersonation problem in Windows 2000. Thks in advance. ...

Local IP Security Policies
Hi, I've seen mentioned in a few postings on this newsgroup regarding configuring the Local IP Security Policies to harden/control TCP/UDP further in windows2000. Is there a guide out there on the www that informs end users how to correctly configure these settings. For example, there are plenty of websites out there that tell you how you should configure IE5.5 properly and disbales netbios over TCP etc etc... I do use Zone Alarm Pro, but I would like to get the OS configured in the correct manor first and have peace of mind that its all setup the right way. Your time as...

Local Security policy overrides Zen
It is my understanding that the Microsoft Local Security Policy under Win2k will override any settings coming from a Windows 2000 Group Policy in Zenworks. If that is not true, please correct me. This is creating a problem for me. I have a vendor that has built workstations for me and in the original image they set a logon banner under the Local Security Policy. I want the banner content to read differently and have set it up in a Zen policy. For all w/s that were not made from the image, the banner appears correctly. For those with this image, I cannot get it to override. I have found...

Why is it an error to have both X-Content-Security-Policy and X-Content-Security-Policy-Report-Only ?
https://wiki.mozilla.org/Security/CSP/Spec#Report-Only_mode If both a X-Content-Security-Policy-Report-Only header and a X-Content-Security-Policy header are present in the same response, a warning is posted to the user agent's error console and any policy specified in X-Content-Security-Policy-Report-Only is ignored. The policy specified in X-Content-Security-Policy headers is enforced. Why is this? This seems like an unnecessary burden which prevents groups from tightening their security policies over time. For example, here at Google, I'm interested in helping resol...

Change local security policy in XP Home
I need to change "network access security from "Guest only" to "classic mode". I can do this in XP Pro by going to administrative tools and selecting local security policy then selecting "network access:sharing and security model for local accounts" Then properties and changing this setting from local users authenticate as guest only to local users authenticate as them selves. I have a program that needs to access this remote computer but the computer needs to have this setting changed. Thanks for any thoughts. In grc.techtalk, message <cp...

ZENWorks for Desktop Remote Management Security Patch
Novell 10097644 2871493 2971500 ZENWorks for Desktop Remote Management Security Patch: After install to Windows 98se PC's running ZENWorks for Desktops 4.0.1 get an error on startup. Unable to load ZENAUTIL.DLL... Answering the error allows login to continue, and everything seems to be fine. I have not been able to resolve this by uninstalling and then re- installing ZEN and the patch from ZEN Patch Management. Has anybody else seen this? Is there a fix? The only thing I find in the knowledgebase seems to point at a missing path statement. I do not believe that is the proble...

iPrint policy not setting correct security on local printer
This is very confusing so I will try to explain what is happening. OS: Netware 6.5sp8 Nipp: various versions tried (5.40 included) Workstation: XP SP3, Novell Client 4.91sp5 Zenworks: 7.0.1.90917 Deploying printers through workstation iprint policies works great. My bosses wanted to turn on Xerox Standard Accounting on our copiers and start using the accounting features. I created a print driver profile to turn on this option and it looks as if it is working. The user is prompted to put in their account code but the print job fails with an invalid account code page at the pr...

superreview requested: [Bug 239969] implement a full security manager for xpcshell : [Attachment 145671] security manager (draft)
timeless@myrealbox.com (working) <timeless@bemail.org> has asked Mike Shaver <shaver@mozilla.org> for superreview: Bug 239969: implement a full security manager for xpcshell http://bugzilla.mozilla.org/show_bug.cgi?id=239969 Attachment 145671: security manager (draft) http://bugzilla.mozilla.org/attachment.cgi?id=145671&action=edit ...

superreview cancelled: [Bug 239969] implement a full security manager for xpcshell : [Attachment 145671] security manager (draft)
Mike Shaver <shaver@mozilla.org> has cancelled timeless@myrealbox.com (working) <timeless@bemail.org>'s request for superreview: Bug 239969: implement a full security manager for xpcshell https://bugzilla.mozilla.org/show_bug.cgi?id=239969 Attachment 145671: security manager (draft) https://bugzilla.mozilla.org/attachment.cgi?id=145671&action=edit ------- Additional Comments from Mike Shaver <shaver@mozilla.org> Yeah, do we need a secman at all if we just give the sysprin to those scripts? I'd be surprised if we did, but maybe there are some cases whe...

Suggestion: Content Security Policy (CSP) might be used for rights-management as well
Hi, I was thinking that it was a nifty idea to use CSP also for non-HTML=20 content. Applying it to other content, like images or JavaScript it = might be=20 used to serve for some kind of low-level rights management. Would you like to discuss this type of application of CSP? Axel Dahmen=20 Hi Axel, I agree that we should consider what CSP can do to protect other types of content. We mainly stuck with HTML at first since it's the most common "document" format on the Web. This is the perfect place to start a discussion about how to apply CSP to other type...

Moving AD Policies to ZENWorks Policies
Hi, I've recently bought ZFD 4.0.1 and would like to move our existing policies from AD to ZENWorks. Firstly, is there anything that the AD policies can do that the ZENWorks Policies can not do? Secondly, can anyone recommend/describe a procedure on how to move the polices from AD to ZENWorks? Thirdly, are there any recommended patches for this version of ZEN? Thanks Ps. I still want to control my roaming profiles in AD. Hey Steven, When you create you ZENWorks Policiies you can import the policies from AD. As far as differences The only one I know of is Fold...

superreview requested: [Bug 230606] Tighten the same-origin policy for local files (file: URLs, trusted, security)
Daniel Veditz <dveditz@cruzio.com> has asked Boris Zbarsky (gone 9/4-9/11 and 9/14-9/17) <bzbarsky@mit.edu> for superreview: Bug 230606: Tighten the same-origin policy for local files (file: URLs, trusted, security) https://bugzilla.mozilla.org/show_bug.cgi?id=230606 Attachment 279562: patch v1 https://bugzilla.mozilla.org/attachment.cgi?id=279562&action=edit ------- Additional Comments from Daniel Veditz <dveditz@cruzio.com> There were basically two options, either don't let scripts run in file: uris (the IE7 approach) or limit which other files scripts ...

superreview granted: [Bug 230606] Tighten the same-origin policy for local files (file: URLs, trusted, security)
Johnny Stenback <jst@mozilla.org> has granted Daniel Veditz <dveditz@cruzio.com>'s request for superreview: Bug 230606: Tighten the same-origin policy for local files (file: URLs, trusted, security) https://bugzilla.mozilla.org/show_bug.cgi?id=3D230606 Attachment 279562: patch v1 https://bugzilla.mozilla.org/attachment.cgi?id=3D279562&action=3Dedit ------- Additional Comments from Johnny Stenback <jst@mozilla.org> - In nsScriptSecurityManager::SecurityCompareURIs():=0D =0D // Compare schemes=0D nsCAutoString targetScheme;=0D - nsresult rv ...

Web resources about - local security policy - novell.zenworks.4x.management

Krebs on Security
The House Financial Services Committee is slated to hold a hearing this Friday on the impact of cyber heists against small- to mid-sized businesses. ...

Security Middle East - Latest news from the Middle East.
Security Middle East is a news portal for the entire security industry, focussed specifically on latest security news from the Middle East. Security ...

Information Security News, IT Security News & Expert Insights: SecurityWeek.Com
IT Security News and Information Security News, Cyber Security, Network Security, Enterprise Security Threats, Cybercrime News and more. Information ...

Committee on National Security Systems - Wikipedia, the free encyclopedia
The National Security Telecommunications and Information Systems Security Committee (NSTISSC) was established under National Security Directive ...

Adelaide prisoner Jake Devenney-Gill wanted after escape from Adelaide low-security jail - AdelaideNow ...
POLICE are still searching for a prisoner who escaped from an Adelaide jail last night — despite being close to finishing his sentence.

James Packer in altercation with security guard at Crown Casino, reports
Billionaire&#160;James Packer has allegedly been involved in a physical&#160;altercation with a security guard at his casino in Melbourne.

Tennis star Bernard Tomic sorry after clash with staff and security alleged at Royal Pines courts - GoldCoastBulletin ...
AUSTRALIAN tennis star Bernard Tomic has apologised after an ugly clash with security and staff at a Gold Coast resort during his Australian ...

James Packer in altercation with security guard at Crown Casino, reports
Billionaire&#160;James Packer has allegedly been involved in a physical&#160;altercation with a security guard at his casino in Melbourne.

James Packer in altercation with security guard at Crown Casino, reports
Billionaire&#160;James Packer has allegedly been involved in a physical&#160;altercation with a security guard at his casino in Melbourne.

James Packer in altercation with security guard at Crown Casino, reports
Billionaire&#160;James Packer has allegedly been involved in a physical&#160;altercation with a security guard at his casino in Melbourne.

Resources last updated: 1/11/2016 10:15:56 AM