When you used Windwos NT 4.0 PACK5, a new user XIAO is established by Administrator (System Administrator), and then the permissions of XIAO local login and shutdown system in the permissions, and then use the Policy Editor to the local computer. And local users to limit, usually use ordinary users Xiao locally locally, this method has always been smooth, there is no error. However, when Windows 2000 Server comes out, because this guy has any activity directory, the security is higher than the NT function, so I can't wait to try, using the version of Windows 2000 Server Family (hereinafter referred to as W2S). But there is a thing of the old horse. Since the W2S this guy came out, there is no book newspaper for reference, but only fully installed. Go to the domain user manager, can't find it, what should I do? I have never liked to see the help file, I have to find the old real search help file. After some search, I found the "local security policy" (within the management tool program), so I am running "local security" Policy, click Control Tree "Security Settings" - "Local Policy" - "User Right Assignment" - After "Local Log in", add user xiao, add user XIAO in the "Close System" (never Go back to Administrator and then shut down when it is closed. Log out with user xiao, but jump out of a dialog box "This machine does not allow interactive logins", what is going on? W2S and NT are different! Search for help, but there is no news, I have to try it slowly. Take a look at there is a "domain security policy" in the management program group, try again. Single-out Control Tree "Windows Settings" - "Local Policy" - "User Right Assignment" - Double-click "Log in" one after adding User XIAO, "Close System" in the same. After logging out, log in again with ordinary users XIAO, this child is still jumping out of "This machine does not allow interactive login", no law, come back. Hey! I found a "domain controller security policy", such as the law, finally logged in success. W2S This little child is so powerful! But if you do this every time it is not too much trouble. It doesn't matter, it is convenient to add "users" when adding "group". Local security policies, domain security policies, domain controller security policies can only use one or two, then then start the arrangement of the Dafa, the result is "there is a piece of three guys." The security level is big and improved. The system administrator will have a lot of discontinue. Don't say that ordinary users, it seems that Microsoft is really moving a lot of brains and NetWare5. Dear prawns may have a better way than the kid, please let me know. My e-mail is zhangjun901050@yahoo.com.cn.
Zhang Jun, Chengdong Primary School, Taizhou City, Jiangsu Province, China 225300
