GROUP POLICY – How to add a Group Policy to Windows 7 – The VISUAL GUIDE
Group policy allows mandated security settings to be deployed on local and domain machines.
Step 1- Start > Type “MMC” into search box
Step 2 – File > Add/Remove Snap in
Step 3 – Select “Group Policy Object” > ADD Button
LOCAL Computer > Finish > OK
If you wanted a Domain Controller, use the BROWSE button.
Step 4 – Local Policy options
A memory trick here for Computer Configuration is:
Windows Settings > Security Settings > Local Policies
Audit Policy, User Rights, Security Options
Step 5 – Audit Policy
Audit Policy > Audit account logon events
Tick both Success & Failure
Step 6 – User Rights
You may wish to limit specific rights, such as to change the time or reboot the machine.
User Rights > Change System Time
Add Groups that are allowed to set system time eg Administrators
Add User or Group Button
Step 7 – Security Options
You may wish to Disable the built in Administrator and Guest accounts
Security Options > Accounts Administrator Account Status
The built in Administrator account always has a RID (Relative ID) of 500.
Use the tools Sid2user and User2SID in order to enumerate the accounts if you renamed Admin, but forgot which account name you gave it. A RID of 500 means the builtin Administrator account. Look for RID 500 – and that’s it … you’ve got the Admin account.