In some cases, you may find yourself with the need to use Local Computer Policies. This may be because you do
not have an Active Directory domain, or you simply have to apply a set of policies to only one computer or a small
subset of computers and you prefer to use local policy rather than group policy. In a domain environment, you
should always try to shy away from using local computer policies for the simple fact that a group policy linked
to the site, domain, or organizational unit (OU) level has the potential for overwriting your local settings.
Assuming that you do continue down the path of using local computer policies, you will quickly figure out that the
local policy will apply to all users that log onto the computer, even Administrators. Applying local policy to all
users may not be exactly what you intended for. Fortunately, there is a work-around that is easy to implement and
maintain.
A hard drive formatted using the NTFS file system provides the ability to secure resources using a discretionary
access control list (DACL). In essence, you could allow or deny access to certain users or groups. We can take
advantage of this powerful feature. Fortunately, the local computer policy files are stored in a folder within
the %systemroot% directory, specifically at this location: %systemroot%\system32\GroupPolicy. The way to filter
out the users that you do not want the local policy to apply to is to simply assign the DENY READ permission to
any user or group of your choice. You may note that GroupPolicy folder is hidden by default. You will need to
configure your system to show hidden folders before you can change the NTFS permissions on the folder. Restart
the computer the settings in your policy will take effect.
Please help us spread the word by socializing it today!
Did you find something wrong with the information on this page? Please take a moment to report it to us
so that we can continue to improve the quality of the information on this site. Click here to
report an issue with this page.
Recommended Books & Training Resources