Darksat IT Security Forums
April 20, 2024, 08:41:42 am
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Darksat IT Security Forum
From Firewall Support, AntiVirus Questions, Spyware problems, Linux and Windows Security, Black Hat SEO right down to Website Design and Multimedia
 
  Home Help Search Gallery Links Staff List Login Register  

Access Rights are not Implemented

Pages: [1] 2 3 4 ... 14
« previous next »
  Print  
Author Topic: Access Rights are not Implemented  (Read 2679 times)
Darksat
Administrator
Master
*******
Posts: 3303



View Profile WWW
« on: June 18, 2008, 08:48:40 am »
As far as I am aware windows normall checks the access rights in Active Directory at startup or every 5-90 minutes depending on machines, setups, etc.

Your running a FAT system correct?
FAT cant contain ACL info so the info is checked from Active Directory at startup or at regular intervals and saved locally.

Some stuff i think should help.
Quote

The Group Policy Settings are refreshed as per the interval configured in the Group Policy for client computers, member servers and domain controllers. You can use the following command line tools to refresh the Group Policy Settings on remote computer. You need to log on to the computer manually and then perform the action suggested below:

For Windows XP computers:

    * Gpupdate.exe /Target:User /force
    * Gpupdate.exe /Target:Computer /force

For Windows 2000 computers:

    * Secedit.exe /refreshpolicy user_policy
    * Secedit.exe /refreshpolicy machine_policy

To refresh the policy on remote computer or computers you can use the following script to do so:

   1. Create a ComputerList.txt
   2. Put all the remote computers in the Text file.
   3. Use the Psexec.exe tool to execute the command remotely.

For Windows XP Computers:

Psexec.exe -@ComputerList.txt Gpupdate.exe /Target:User /force

Psexec.exe -@ComputerList.txt Gpupdate.exe /Target:Computer /force

For Windows 2000 Computers:

Psexec.exe -@ComputerList.txt secedit.exe /refreshpolicy user_policy

Psexec.exe -@ComputerList.txt secedit.exe /refreshpolicy machine_policy

The above Psexec.exe command will run on all the computers specified in the ComputerList.txt.

You can also use the following script to check the version of Operating System and then issue the command:

@echo off

XPGPORef1=gpupdate.exe /Target:User /force

XPGPORef2=gpupdate.exe /Target:Computer /force

Win2kGPORef1=secedit.exe /refreshpolicy user_policy

Win2kGPORef2=secedit.exe /refreshpolicy machine_policy

For /f “Tokens=*” %%a in (ComputerList.txt) Do (

SET Comp_name=%%a

Ver.exe \\%comp_name% > Hostver.txt

Find /I “XP” < Hostver.txt > CheckCC.txt

IF %errorlevel% == 0 (

Psexec.exe \\%comp_name% Gpupdate.exe /Target:User /force

Psexec.exe \\%comp_name% Gpupdate.exe /Target:Computer /force

) ELSE (

Psexec.exe \\%comp_name% secedit.exe /refreshpolicy user_policy

Psexec.exe \\%comp_name% secedit.exe /refreshpolicy machine_policy

)

)

The above script will check the Operating System version by executing Ver.exe on remote computer and then run the appropriate commands to refresh the Group Policy Objects.

And

Quote
   

To change the trust policy refresh period
   
1.    

Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
2.    

Right-click Trust Policy, and then click Properties.
3.    

Scroll to the Advanced tab, and then click the Advanced tab.
4.    

In Trust policy refresh period (minutes), type or scroll to a new number of minutes, and then click OK.
Hope this helps.

Related.
More
« Last Edit: June 18, 2008, 09:07:54 am by Darksat » Report Spam   Logged

Pages: [1] 2 3 4 ... 14
  Print  
« previous next »
 
Jump to:  

Powered by EzPortal
eXTReMe Tracker
Security Forum
Bookmark this site! | Upgrade This Forum
SMF For Free - Create your own Forum


Powered by SMF | SMF © 2016, Simple Machines
Privacy Policy
Page created in 0.047 seconds with 17 queries.