System group policy is almost one of the necessary tools for network management personnel to manage the network, the general application skills of the weapon, I believe many people are already familiar with it.
But the author has always believed that as long as we are careful and careful, we will continue to dig new application skills from the system group strategy. If you don't believe it, let's take a look at the following content. I believe they will help you to enter a new application. "The realm"!
Skillfully, beware of "self-locking"
There is a Group Policy item in the Windows server called "Only allow Windows applications", once you enable the project, and restrict the specified program to run outside, then whether you are in "only" In the list of running programs, the gpedit.msc command has been added. As long as the group policy project that only allows Windows applications to run is effective, the system's group policy will automatically “self-lock” even if you are in super management. Under the member account, you can't open the system's group policy editing window by using the “gpedit.msc” command. So is there a way to limit the running of the application and prevent the system group policy from appearing? Self-locking” What about the phenomenon? The answer is yes, you can follow the steps below:
First click on the "Start" "Start”/“Run” command, in the pop-up system run box, enter the string command“ Gpedit.msc”, click the “OK” button to open the System Group Policy Edit window;
Expand the “User Configuration” in this window, and then “Administrative Templates”//“ System & rdquo; project, in the corresponding sub-window to the right of the "System" project, double-click the "Run only licensed Windows application" option, in the subsequent pop-up interface, the "Allowed" option is selected . Subsequently, you will see in the corresponding window that the "Display" button is activated automatically, then click the "Show" button, and then continue to click the "Add" button in the subsequent window, and then you will need Run the application name input in the Add Settings box, and finally click the "OK" button;
Below, please do not close the Group Policy Edit window immediately; then open the System Run dialog box. And execute the “gpedit.msc” command in it, you will find that the system group policy editor is no longer running! However, fortunately, the group policy editing window has not been closed before, now you can continue in the group policy editing window. Double-click the "Windows application only" project you just set, and then in the pop-up policy settings window, select the "Unconfigured" option, and finally click the "OK" button to achieve both You can limit the purpose of running the application and prevent the system group policy from "self-locking".
Tip: If you add the specified application name to the "Run Windows application only" list, and then directly close the Group Policy Edit window, you can use the following steps to recover :
Restart the server system again, and press the F8 function key repeatedly during the startup process until the system startup menu appears, and then execute the security mode with command prompt. Command to switch the server system to the command line prompt state;
Then execute the mmc.exe string command directly at the command prompt. In the pop-up system console interface, click “file&rdquo Menu item, and click the “Add/Remove Snap-in” option from the pop-up drop-down menu, then click the “Independent” tab in the window that follows, and then in the tab page shown in Figure 1. , click “Add” button;
Next, click “Group Policy>,“Add”,“Complete”,“Close”,&ldquo ; determine the & rdquo; button, this will successfully add a new Group Policy console; later, you can reopen the Group Policy Edit window, and then follow the above settings, to achieve the purpose of limiting the running of the application, but also to block System Group Policy appears "self-locking" phenomenon.
System Group Policy is almost one of the necessary tools for network administrators to manage the network. The general application skills of this tool are believed to be familiar to many people.
But the author has always believed that as long as we are careful and careful, we will continue to dig new application skills from the system group strategy. If you don't believe it, let's take a look at the following content. I believe they will help you to enter a new application. "The realm"!
Different users, different permissions
Maybe your server There are many users, but in order to protect the security of the server, you want these users to have different access control rights to the server, so that in the future, when the server encounters an accident, you can quickly find out according to the difference in permissions. Users who are confused from it. To assign different access control permissions to different users, you only need to set the server group policy. The following are the specific setup steps:
Although there are some techniques that can make Windows Server 2003 more in line with our usage hab
Microsofts network operating system, Windows Server 2003 (Windows 2003), adds many valuable features
The quickest way to access recently used folders is to use the Start → Documents menu. If you have t
If you are an avid multimedia enthusiast, you may be disappointed with your new Windows Server 2003,
Nine features of Windows Server 2008 that are ignored
Install Windows 2000 on SCSI hard disk
Improvements to Active Directory in Windows Server 2008: Audit Policy
Win 2003 to achieve network sharing restore
Windows system folder is fully revealed
Windows 2000 security maintenance
How to disable DCOM support in Windows
How to configure Windows Server 2003 as a LAN router
The distribution function of Win2003 gives the network management the burden of
Win10 uses WIN+E to open this computer's setup skills
Win7 system taskbar preview speed coup
How to check if the hardware driver in Windows 8 is installed normally
Reasons and solutions for Vista resource manager occupying 90%~100% of CPU
Briefly use linux to build www server (2)
How to transform gedit into TextMate in Linux system
What should I do if the scroll bar at the bottom of the win7 folder runs to the right?
How to delete the folder that requires administrator rights in Win7