Using local Security Policies in Windows XP

by Johannes Helmig [Published on 21 April 2002 / Last Updated on 21 April 2002]

Windows XP Professional Edition allows full User Management and Security.
The permissions assigned to the Usergroups (assigned in User Management to users)
are defined in the Local Security Policies: select in the Control-panel :
"Administrative Tools" :

Select :
Local Security Policy

Select in the tree-view on the left : Security Settings / Local Policies / User Rights Assignment :

The "policies" are the permissions, which are/can be assigned to Usergroups
(and also to single usernames, although it is a kind of tradition to assign permissions to a usergroup
and then make the user a member of the usergroup to get the permissions ).

Double click on a policy/permission to display
the list of usergroups, which have already this
permission.

Note : all users created in User Management
are automatically member of the Usergroup
"Everyone"

To add a usergroup, use the button
"Add User or Group..."
To get a lookup of the
usergroups and users, select
"Advanced"
Use the button "Find Now"
to display the list of Users
and UserGroups, then
select to assign the permission.


The Local Security Policies also define some rules for the use of passwords:

By default, users will be requested to change their passwords every 42 days
(unless you have declared a password to "never expire" in User management ).

Double-click the entries to change the values.

You can change the password to expire
already in less days or in more days (max. 999).
If you like to avoid password changes,
change the value to 0.

The security policies also allow to define the behavior of the system, if somebody is entering
a bad/wrong password several times : it could be an intruder, making some guesses of passwords
and trying them:

Advertisement

Featured Links