Security Options Ignored

by Mitch Tulloch [Published on 8 Nov. 2005 / Last Updated on 8 Nov. 2005]

Why are some Security Options in Group Policy not being applied?

The Group Policy setting "Network Security: Force logoff when logon hours expire" is found under Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options. What if you try and configure this setting and it isn't being applied?

You've probably configured this setting in a GPO linked to an OU and not the domain. Unfortunately this policy is one of several under Security Options that are only applied when the GPO is linked at the domain level, not to OUs. The other four Security Options policies that behave similarly are:

  • Accounts: Administrator account status
  • Accounts: Guest account status
  • Accounts: Rename administrator account
  • Accounts: Rename guest account

Cheers,
Mitch Tulloch
ITreader.net

The Author — Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows administration, networking, and security. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy and use Microsoft platforms, products and solutions. Mitch has published over two hundred articles on different IT websites and magazines, and he has written or contributed to almost two dozen books and is lead author for the Windows 7 Resource Kit from Microsoft Press. For more information, see www.mtit.com .

Latest Contributions

Featured Links