Local Security Policy

[P@docIT]

Hello,

 

Does anyone know if there is a way to change Local Security Policy via a TS.

 

We use SAP here which apparently uses Kerberos. There is a security policy that is not configured by default in Windows 7.

 

Security Settings > Local Policies > Security Options > Network Security: Configure encryption types allowed for Kerberos

 

I had to enable it and check all the types.

 

Now I need to figure out how to get that setting in the OSD TS.

 

Thanks,

Mike

[Peter van der Woude]

Why not using GPO's?

[P@docIT]

Why not using GPO's?

It's possible that we might. Unfortunately GPO is controlled by another dept and sometimes they are not always easily convinced to make changes especially when it involves using rsat on a win 7 box to update policy. They are used to doing everything from a 2003 domain controller. So i wanted to check if it can be done locally just in case. I know it sounds crazy, but it's the environment I work in.

[Peter van der Woude]

Then I would spent my time convincing the other department

Simply because when somebody else suddenly, for wathever reason, wants to change that setting with GPO's, it will always overwrite your local settings...

[Lucid]

I'd also suggest talking to those who control your GPOs and see if you can find an easy domain-based solution. If that doesn't work, if you can set those items via a registry key, then you could do it that way in your TS...