Group policies blocking app explorer apps
We're using windows GPs to prevent students from running all exes (except those on the "Allowed app list") and this works great with Application Window (nalwin.exe) because it's on the allowed list, and all apps are opened as a child process of it.
However, we're now using Application Explorer (nalview.exe) to distribute apps to users on the desktop. I've added nalview.exe to the allowed apps list thinking it would open apps on the desktop as child processes, but this is not the case, the apps will not open. I do know there is a "middle man" process launching the app since the apps, Internet Explorer for example, will not open even if I add it to the allowed apps list.
I'm not sure how to find out the process, does anyone have any ideas?
jdwall,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://support.novell.com/forums/faq_general.html
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://support.novell.com/forums/
Similar Messages
-
I am in need of a good call blocking app for iPhone....please any suggestions will be greatly appreciated!
As Randy Landry1 says, Google for "silent ringtone", download and install on you iPhone as a ringtone.
Now create a contact for the offending phone number. Assign the contact to the silent ringtone and set no vibrate.
When that number calls it will not ring, nor vibrate. It will light up the screen, but if you do not see that, it will not bother you. They could leave voice mail, but that is easily deleted.
And if it is a situation where the are violating the do not call list, you can use the missed call log to report the number to the FTC.
Also, if the calls are abusive or threading, and the leave a voice mail, you something to show the police. -
Multi security groups in Oracle apps hrms
Hi All,
Could you please let us know how to enable or disable multi security groups in Oracle Apps hrms?
Thnaks,
AnilIf you have access to Oracle Help-on-line check it there
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Amit Das ([email protected]):
Can you please tell me of any document/book etc which describes the security features in Oracle Apps specially on Oracle financials. <HR></BLOCKQUOTE>
null -
I got a police scaner app from itunes and i cannt get it to work on my computer
i just got this gift card i got a police saner 5-0 now i cant get it to go to my computer how do i do that and how do i open it up
debbiefromduluth wrote:
i got a police scaner app from itunes and i cannt get it to work on my computer
i just got this gift card i got a police saner 5-0 now i cant get it to go to my computer how do i do that and how do i open it up
Apps purchased from the App Store in iTunes are only for iOS devices such as the iPhone, iPod Touch and iPad. To use such an app, you need to connect your iOS device to your computer and iTunes will send the app to the device. You then run the app on the device.
There is a separate Mac App Store (MAS) available to Macs running OS X 10.6.6 or later. You purchase apps in the same way as the App Store in iTunes, but apps purchase in the Mac App Store will work directly on the Mac. -
How do I open files from a Facebook group in another app in iOS 7.1.1?
As the questions says, I need to open a .docx from a Facebook group in an app that will allow me to edit the document. Ia writer, Evernote, word or something similar. When I open the document in Facebook, it is a read-only version, and I can't figure out how to somehow export it.
I've experimented a bit, and it is possible to log in to Facebook from Safari and open a document with an editor like word, pages or Evernote. It just seems like a very insufficient and not very elegant solution to have to log in through safari every time I want to edit a document on my iPad.
-
Hi everybody, good day to all
Is there any call blocking app that can make rules based on starting number of caller. For example, accepting all call that start with "+", "00", "01", "02", etcc
There are many such apps in android.
IMranWhich call blocking app did you install?
As far as I am aware, there are no apps for un-jailbroken phones that can block calls, as legit third-party apps are not allowed to changed core iOS features. -
Police Radio app - Dispatcher Alerts Cop that I'm listening
Ugh, is this app legal? I was listening to a police radio channel somewhere in California and I heard the cop say 10-6, and I scrolled up to see what it meant. It said Busy/Change channel. Then I heard the dispatcher go 10-30, so I scrolled down to only see "Unauthorized use of radio" next to 10-30.
My eyes grew x2 as big. I deleted that app so **** fast. I'm nervous as **** lol.
I'm thinking to myself, would Apple approve an app that can perform illegal things such as this?
And yes, of course, before you intelligent nerds start yelling at me, I'm not familiar with the laws and all that other stuff when it comes to radios. So if you can, in a nice way, explain to me if this app is illegal or not? Thanks.Put the app back on your iPhone and listen all you want. They were referring to someone using the radio in a police car and that was unauthorized use.
They could have also been afraid that the channel privacy had been compromised by someone listening (not you) that could have damaged their investigation. I hear this all the time on my police scanner or iPhone police scanner apps.
They don't care that you are listening on an iPhone and that is not illegal use. Got it now? -
Active Directory Group Policies
We are having a problem with Active Directory Group Policies crashing FCP 6.0.4. Staff accounts that have Administrator privileges may log in and use the app with no problem. Students who have more restrictive policies may log in once but when they try to log in again, the application will not open. I would like to avoid making Students administrators. We can't figure out which policy is blocking access. Has anyone else had this problem? How are you solving it?
At the school I teach at part time, we have no problems like you describe. If you'll email me I'll get you in touch with our IT dept and they can tell you how we're set up...
Jerry
[email protected] -
Office 2013 group policies - not working
I'm using Office 2013 Pro Plus SP1 (volume license) on a Windows 7 Pro machine [both are 32 bit]. While I have Server 2003, it's configured to work with Windows 7 and Office 2013 Group Policy templates. I use RSAT on a Win 7 computer to
create/manage the Group Policies.
Since we're not using Office 365, I'm trying to block some of those features, as well as disabling the Office Start screens.
Thinking that SP1 might be the problem, I downloaded the group policy templates for SP1 and copied them to the server.
If I create a policy (Office_2013_settings), with a few settings, like "Block singing into Office". In Group Policy, I disabled the Computer Configuration, leaving the User Configuration enabled. If I force group policy on the target
computer and look at RSOP, I see the computer configuration settings disabled, but nothing for the user configuration, although it's enabled in the policy.
If I put a junk policy entry on the computer configuration and enable both policies on the backend, force group policy on the computer, and look at RSOP, under computer configuration, I see the Office_2013_settings policy, but the policy still doesn't appear
in the user configuration. If I scroll to the bottom of the file, where I can see other Administrative templates and their settings, my Office_2013_settings aren't visible.I have created a group policy with a few settings, and applied to my own computer. It seems to be very nice to me. Please first check the apply status on the client site based on the GPSVC.log
Thinking the issue might be on the way how you create/manage the Group Policies on Windows Server side. Please check the model of how you deploy your group policy, on a domain or OU level? Loopback Merge or Replace? This might affect whether the user
would receive all settings from GPO applied to User or Computer. This article might be useful to you:
http://blogs.technet.com/b/askds/archive/2013/02/08/circle-back-to-loopback.aspx
This might be an issue on Windows server side, you may need to post your question to below forum to get more suggestions:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/home?category=windowsserver -
Group policies not working in one lab.
G'day
I've got a situation at my school where group policies are not having any
effect on the PCs - but only in one of the 3 computer labs.
I've run through the steps of most of the troubleshooting documents I could
find but they haven't really helped.
to summarise...
If I delete the group policy folders from the system32 folder, then log in,
new copies are brought down OK.
If I force an update by executing secedit /refreshpolicy user_policy
/enforce the changes (proxy restrictions mostly) take effect
The policy IS correctly associated with the users and shows in the
Workstation manager as having been executed.
I'm at a loss.
I was wondering if anyone could have a look at the debug log
file I generated and give me some idea what's happening.
Thanks.
Paul Pofandt
IT Manager
St James College
Brisbane
WMHelperInitialization (Sep 22 2003) called! Flags: 0x4002. Event: 0x4000.
Impersonation: 0x2
Opened Mutex.
Loaded userenv.dll
Mapped function RefreshPolicy
Mapped function RegisterGPNotification
Mapped function UnregisterGPNotification
Exiting WMHelperInitialization. Returning flags: 0x204
WMHelperSystemEntryEx called!
Computer Object : CN=00:0D:60:40:D8:B7.OU=WORKSTATIONS.O=STJ
User Object : CN=admin.O=STJ
Entry Flags : 0x4200
Event Flags : 0x4000
DN is Typed convert it to TYPELESS
No user logged in.
Writing User Logged In to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to User Logged In in key Software\Novell\Workstation
Manager\Group Policies
Reading User Logged In from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value User Logged In: 0x0 in key Software\Novell\Workstation
Manager\Group Policies
Detected user logout. Running GPCleanup.
Cleaning up user settings.
Entering GPCleanup
Reading Group Policy Machine Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Group Policy
Machine Status not found. Assuming 0
GPStatus reg key not found. Assuming 0
Reading Group Policy Machine Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Group Policy
Machine Flags not found. Assuming 0
Reg key Group Policy Machine Flags not found. Assuming 0
Reading Group Policy User Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Status: 0x3000 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Status: 0x3000
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000060 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Flags: 0x80000060
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x1000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Reading GPT Version from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value GPT Version: 0xc100c0 in key Software\Novell\Workstation
Manager\Group Policies
Entered GPDel
Deleting C:\WINNT\System32\GroupPolicy\User
Deleting C:\WINNT\System32\GroupPolicy\Machine
Exiting GPDel 0
Restoring original GP as base.
Entered GPCopy(C:\WINNT\System32\GroupPolicy.WMOriginal,
C:\WINNT\System32\GroupPolicy, 0, handle, 0x70)
Copied C:\WINNT\System32\GroupPolicy.WMOriginal\GPT.ini to
C:\WINNT\System32\GroupPolicy\GPT.ini
Copied file
C:\WINNT\System32\GroupPolicy.WMOriginal\Machine\M icrosoft\Windows
NT\SecEdit\GptTmpl.inf to
C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows
NT\SecEdit\GptTmpl.inf
Copied file
C:\WINNT\System32\GroupPolicy.WMOriginal\Machine\M icrosoft\Windows
NT\SecEdit\IPS1.dat to
C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows NT\SecEdit\IPS1.dat
GP_FLAG_APPLY_SECURITY_SETTINGS (0x40), not set, or security file already
copied. Will not copy security file
Exiting GPCopy 0x0
Entered AppendPolicy C:\WINNT\System32\GroupPolicy\Machine\Registry.pol
Error 0x2 opening file C:\WINNT\System32\GroupPolicy\Machine\Registry.pol
File does not exist. Nonfatal error.
Exiting AppendPolicy C:\WINNT\System32\GroupPolicy\Machine\Registry.pol 0x0
Entered AppendPolicy C:\WINNT\System32\GroupPolicy\User\Registry.pol
Error 0x2 opening file C:\WINNT\System32\GroupPolicy\User\Registry.pol
File does not exist. Nonfatal error.
Exiting AppendPolicy C:\WINNT\System32\GroupPolicy\User\Registry.pol 0x0
Error 3 calling
GetFileAttributes(C:\WINNT\System32\GroupPolicy.Wk sCache\Machine\Registry.po
l)
Error 3 calling
GetFileAttributes(C:\WINNT\System32\GroupPolicy.Wk sCache\User\Registry.pol)
No workstation cache. Skipping overlay of computer policies...
Entered writeData. File: C:\WINNT\System32\GroupPolicy\Machine\Registry.pol
No data.
Exiting writeData 0x0
Entered writeData. File: C:\WINNT\System32\GroupPolicy\User\Registry.pol
No data.
Exiting writeData 0x0
Entered AppendSecuritySettings
Inf path: C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows
NT\SecEdit\GptTmpl.inf
Dispatching SECEDIT.EXE /configure /DB ZENDB /CFG
"C:\WINNT\System32\GroupPolicy\Machine\Microsoft\W indows
NT\SecEdit\GptTmpl.inf" /log c:\GPSecApp.log.
LoadHive entered
LoadHive exit : 0
Exiting AppendSecuritySettings 0x0
LoadHive entered
LoadHive exit : 2
Error 2 loading ipsec settings 1.
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x3000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Signalling OS to refresh policies
RegQueryValueEx returned 2
Policies are set to apply asynchronously
Policies will be processed asynchronously
Entered SetGptVersion(0x0, TRUE).
Reading GPT Version from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value GPT Version: 0xc100c0 in key Software\Novell\Workstation
Manager\Group Policies
Read file C:\WINNT\System32\GroupPolicy\GPT.ini
Found version 0xb800b7 in gpt.ini
Using version: 0xc100c0
Saving GPT version: 0xc200c1
Writing GPT Version to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0xc200c1 to GPT Version in key Software\Novell\Workstation
Manager\Group Policies
Exiting SetGptVersion 0x0.
Applied Computer Policy.
Applied User Policy.
Exiting GPCleanup 0x0
Entered RemoveCleanup.
Loaded wmschapi.dll
Calling WMRemoveAction
Finished Calling WMRemoveAction(WMGRPPOL cleanup action, FALSE). Returned
0x0
Exiting RemoveCleanup 0x0
Apply computer policies releasing mutex.
Exiting WMHelperSystemEntryEx ccode: 0x0
Closing log file.
WMHelperInitialization (Sep 22 2003) called! Flags: 0x0. Event: 0x0.
Impersonation: 0x0
Opened Mutex.
Loaded userenv.dll
Mapped function RefreshPolicy
Mapped function RegisterGPNotification
Mapped function UnregisterGPNotification
Exiting WMHelperInitialization. Returning flags: 0x11
Entering WMHelperInteractiveUserEntry!
szFullDN = CN=test2006.OU=2006.OU=STUDENTS.O=STJ
DN is Typed convert it to TYPELESS
g_szUserDN = test2006.2006.STUDENTS.STJ
GinaGetUsersSIDInTextualForm ENTERED
Textual SID : S-1-5-21-1908370602-1493435055-278805897-1055
GinaGetUsersSIDInTextualForm EXIT : 0
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Writing User Logged In to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x1 to User Logged In in key Software\Novell\Workstation
Manager\Group Policies
Entered CheckForObsoleteWksCache .
No workstation. Exiting CheckForObsoleteWksCache
Applying user policies
Reading Don't reparse from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value Don't reparse: 0x0 in key Software\Novell\Workstation
Manager\Group Policies
Reading Group Policy User Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Status: 0x3000 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Status: 0x3000
Entering ApplyPolicies
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000060 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Flags: 0x80000060
Reading Group Policy User Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Status: 0x3000 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Status: 0x3000
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x1000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Impersonating logged on user.
Context : OU=2006.OU=STUDENTS.O=STJ
Full Object DN CN=test2006.OU=2006.OU=STUDENTS.O=STJ
Calling WMGetAllAssociatedObjects(FALSE, MANGO, 1,
CN=test2006.OU=2006.OU=STUDENTS.O=STJ, WINNT Workstation Package,
zenwmGroupPolicy, 512, pBuffer)
Reverting to system impersonation.
Found DN CN=Student User Package:Windows Group Policy.O=STJ
WMCheckIfGroupPolicyObjectsChanged entered
Impersonating logged on user.
Reverting to system impersonation.
Group Policy object has changed!
Exiting WMCheckIfGroupPolicyObjectsChanged 0x0
Entered ScheduleCleanup.
Loaded wmschapi.dll
Calling WMScheduleAction
Finished Calling WMScheduleAction. Returned 0x0
Exiting ScheduleCleanup 0x0
Entered BackupOriginalGP.
Exiting BackupOriginalGP 0x0
Entering ApplyGroupPolicy.
Entered GPDel
Deleting C:\WINNT\System32\GroupPolicy.UserCache\User
Deleting C:\WINNT\System32\GroupPolicy.UserCache\Machine
Exiting GPDel 0
Entered GPCopy(C:\WINNT\System32\GroupPolicy.WMOriginal,
C:\WINNT\System32\GroupPolicy.UserCache, 0, handle, 0x70)
Copied C:\WINNT\System32\GroupPolicy.WMOriginal\GPT.ini to
C:\WINNT\System32\GroupPolicy.UserCache\GPT.ini
Copied file
C:\WINNT\System32\GroupPolicy.WMOriginal\Machine\M icrosoft\Windows
NT\SecEdit\GptTmpl.inf to
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\GptTmpl.inf
Copied file
C:\WINNT\System32\GroupPolicy.WMOriginal\Machine\M icrosoft\Windows
NT\SecEdit\IPS1.dat to
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\IPS1.dat
GP_FLAG_APPLY_SECURITY_SETTINGS (0x40), not set, or security file already
copied. Will not copy security file
Exiting GPCopy 0x0
Entered AppendPolicy
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Re gistry.pol
Error 0x2 opening file
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Re gistry.pol
File does not exist. Nonfatal error.
Exiting AppendPolicy
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Re gistry.pol 0x0
Entered AppendPolicy
C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol
Error 0x2 opening file
C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol
File does not exist. Nonfatal error.
Exiting AppendPolicy
C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol 0x0
Entered MergeGptFile(C:\WINNT\System32\GroupPolicy.UserCac he, 0x30)
g_dwVersion: 0x0.
Reading GPT Version from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value GPT Version: 0xc200c1 in key Software\Novell\Workstation
Manager\Group Policies
Found user extensions...
Exiting MergeGptFile 0x0
Processing CN=Student User Package:Windows Group Policy.O=STJ
Impersonating logged on user.
Flags: 0x80000060
Check for old settings: 0x60
Reverting to system.
Writing Group Policy User Flags to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x80000060 to Group Policy User Flags in key
Software\Novell\Workstation Manager\Group Policies
Entered GPCopy(\\THOR\sys\public\Policies_stu,
C:\WINNT\System32\GroupPolicy.UserCache, 1, handle, 0x80000060)
Granted temp acess to C:\WINNT\System32\GroupPolicy.UserCache\GPT.ini
Copied \\THOR\sys\public\Policies_stu\GPT.ini to
C:\WINNT\System32\GroupPolicy.UserCache\GPT.ini
Reverting to system.
Restored security on C:\WINNT\System32\GroupPolicy.UserCache\GPT.ini
Granted temp acess to C:\WINNT\System32\GroupPolicy.UserCache\User
Copied file \\THOR\sys\public\Policies_stu\User\Registry.pol to
C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol
Granted temp acess to C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT
Granted temp acess to
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK
Copied file \\THOR\sys\public\Policies_stu\User\MICROSOFT\IEAK \install.ins
to C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\install.ins
Granted temp acess to
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\BRANDING
Granted temp acess to
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\BRANDING\favs
Restored security on
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\BRANDING\favs
Restored security on
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\BRANDING
Granted temp acess to
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\LOCK
Restored security on
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\LOCK
Restored security on
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK
Restored security on C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT
Granted temp acess to C:\WINNT\System32\GroupPolicy.UserCache\User\Scrip ts
Granted temp acess to
C:\WINNT\System32\GroupPolicy.UserCache\User\Scrip ts\Logoff
Restored security on
C:\WINNT\System32\GroupPolicy.UserCache\User\Scrip ts\Logoff
Granted temp acess to
C:\WINNT\System32\GroupPolicy.UserCache\User\Scrip ts\Logon
Restored security on
C:\WINNT\System32\GroupPolicy.UserCache\User\Scrip ts\Logon
Restored security on C:\WINNT\System32\GroupPolicy.UserCache\User\Scrip ts
Restored security on C:\WINNT\System32\GroupPolicy.UserCache\User
GP_FLAG_APPLY_COMP_SETTINGS (0x10), not set. Will not copy machine folder
Copying security file
Granted temp acess to
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows NT\SecEdit
Copied file \\THOR\sys\public\Policies_stu\Machine\Microsoft\W indows
NT\SecEdit\GptTmpl.inf to
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\GptTmpl.inf
Copied file \\THOR\sys\public\Policies_stu\Machine\Microsoft\W indows
NT\SecEdit\IPS1.dat to
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\IPS1.dat
Copied file \\THOR\sys\public\Policies_stu\Machine\Microsoft\W indows
NT\SecEdit\IPS2.dat to
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\IPS2.dat
Copied file \\THOR\sys\public\Policies_stu\Machine\Microsoft\W indows
NT\SecEdit\IPS3.dat to
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\IPS3.dat
Restored security on
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows NT\SecEdit
Exiting GPCopy 0x0
Entered MergeGptFile(C:\WINNT\System32\GroupPolicy.UserCac he, 0x80000060)
g_dwVersion: 0xc200c1.
Found user extensions...
Exiting MergeGptFile 0x0
Applying user settings.
Entered AppendPolicy
C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol
Entered parseRegFile
Val: 'NoChangingWallPaper'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \ActiveDesktop\NoChangingW
allPaper
Val: 'NoHardwareTab'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoHardwareTab
Val: 'NoWindowsUpdate'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoWindowsUpdate
Val: 'NoNetworkConnections'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoNetworkConnect
ions
Val: 'ForceStartMenuLogOff'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\ForceStartMenuLo
gOff
Val: 'ClearRecentDocsOnExit'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\ClearRecentDocsO
nExit
Val: 'Intellimenus'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\Intellimenus
Val: 'NoSaveSettings'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoSaveSettings
Val: 'NoMovingBands'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoMovingBands
Val: 'NoRecentDocsNetHood'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoRecentDocsNetH
ood
Val: 'NoCloseDragDropBands'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoCloseDragDropB
ands
Val: 'NoActiveDesktop'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoActiveDesktop
Val: 'NoControlPanel'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoControlPanel
Val: 'NoDeletePrinter'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoDeletePrinter
Val: '**del.NoAddPrinter'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoAddPrinter
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoAddPrint
er
Val: '**del.DisablePersonalDirChange'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
DisablePersonalDirChange
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.DisablePer
sonalDirChange
Val: 'DisallowRun'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun
Val: '**delvals.'
Trying to delete values under key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\**de
lvals.
Val: '1'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\1
Val: '2'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\2
Val: '3'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\3
Val: '4'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\4
Val: '5'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\5
Val: '6'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\6
Val: '7'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\7
Val: '8'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\8
Val: 'DisableRegistryTools'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\DisableRegistryToo
ls
Val: 'DisableTaskMgr'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\DisableTaskMgr
Val: '**del.DisableLockWorkstation'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \System, val:
DisableLockWorkstation
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\**del.DisableLockW
orkstation
Val: 'NoAddRemovePrograms'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddRemoveProg
rams
Val: 'NoRemovePage'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoRemovePage
Val: 'NoAddPage'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddPage
Val: 'NoWindowsSetupPage'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoWindowsSetupP
age
Val: 'NoAddFromCDorFloppy'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddFromCDorFl
oppy
Val: 'NoAddFromInternet'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddFromIntern
et
Val: 'NoAddFromNetwork'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddFromNetwor
k
Val: 'DisableWindowsUpdateAccess'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \WindowsUpdate\DisableWind
owsUpdateAccess
Val: 'NoChat'
Added: Software\Policies\Microsoft\Conferencing\NoChat
Val: 'NoSharing'
Added: Software\Policies\Microsoft\Conferencing\NoSharing
Val: 'NoSharingDesktop'
Added: Software\Policies\Microsoft\Conferencing\NoSharing Desktop
Val: 'NoSharingDosWindows'
Added: Software\Policies\Microsoft\Conferencing\NoSharing DosWindows
Val: 'NoSharingExplorer'
Added: Software\Policies\Microsoft\Conferencing\NoSharing Explorer
Val: 'NoAllowControl'
Added: Software\Policies\Microsoft\Conferencing\NoAllowCo ntrol
Val: 'NoTrueColorSharing'
Added: Software\Policies\Microsoft\Conferencing\NoTrueCol orSharing
Val: 'NoAppSharing'
Added: Software\Policies\Microsoft\Conferencing\NoAppShar ing
Val: 'NoGeneralPage'
Added: Software\Policies\Microsoft\Conferencing\NoGeneral Page
Val: 'NoAdvancedCalling'
Added: Software\Policies\Microsoft\Conferencing\NoAdvance dCalling
Val: 'NoSecurityPage'
Added: Software\Policies\Microsoft\Conferencing\NoSecurit yPage
Val: 'NoAudioPage'
Added: Software\Policies\Microsoft\Conferencing\NoAudioPa ge
Val: 'NoVideoPage'
Added: Software\Policies\Microsoft\Conferencing\NoVideoPa ge
Val: 'Advanced'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Advanced
Val: 'HomePage'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\HomePage
Val: 'Cache'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Cache
Val: 'Connwiz Admin Lock'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Connwiz
Admin Lock
Val: 'Connection Settings'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\Connection Settings
Val: 'Proxy'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Proxy
Val: 'Autoconfig'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\Autoconfig
Val: 'Profiles'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Profiles
Val: 'Certificates'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\Certificates
Val: 'Ratings'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Ratings
Val: 'FormSuggest Passwords'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\FormSuggest Passwords
Val: 'Messaging'
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Messaging
Val: 'CalendarContact'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\CalendarContact
Val: 'ContentTab'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\ContentTab
Val: 'ConnectionsTab'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\ConnectionsTab
Val: 'ProgramsTab'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\ProgramsTab
Val: 'AdvancedTab'
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\AdvancedTab
Val: 'RestrictAuthorMode'
Added: Software\Policies\Microsoft\MMC\RestrictAuthorMode
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{011BE22D-E453-11D1-945A-00C04FB984F9}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{1AA7F839-C7F5-11D0-A376-00C04FC9DA04}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{3CB6973D-3E6F-11D0-95DB-00A024D77700}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{53D6AB1D-2488-11D1-A28C-00C04FB94F17}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{58221C65-EA27-11CF-ADCF-00AA00A80033}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{58221C66-EA27-11CF-ADCF-00AA00A80033}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{58221C67-EA27-11CF-ADCF-00AA00A80033}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{5ADF5BF6-E452-11D1-945A-00C04FB984F9}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{5C659257-E236-11D2-8899-00104B2AFB46}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{5D6179C8-17EC-11D1-9AA9-00C04FD8FE93}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{677A2D94-28D9-11D1-A95B-008048918FB1}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{7478EF61-8C46-11d1-8D99-00A0C913CAD4}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{753EDB4D-2E1B-11D1-9064-00A0C90AB504}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{8EAD3A12-B2C1-11d0-83AA-00A0C92C9D5D}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{8F8F8DC0-5713-11D1-9551-0060B0576642}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{90087284-d6d6-11d0-8353-00a0c90640bf}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{95AD72F0-44CE-11D0-AE29-00AA004B9986}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{A841B6C2-7577-11D0-BB1F-00A0C922E79C}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{B91B6008-32D2-11D2-9888-00A0C925F917}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{C9BC92DF-5B9A-11D1-8F00-00C04FC2C17B}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{D967F824-9968-11D0-B936-00C04FD8D5B0}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{DEA8AFA0-CC85-11d0-9CE2-0080C7221EBD}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{E26D02A0-4C1F-11D1-9AA1-00C04FC3357A}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{E355E538-1C2E-11D0-8C37-00C04FD8FE93}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{EBC53A38-A23F-11D0-B09B-00C04FD8DCA6}\Restr
ict_Run
Val: 'Restrict_Run'
Added:
Software\Policies\Microsoft\MMC\{FD57D297-4FD9-11D1-854E-00C04FC31FD3}\Restr
ict_Run
Val: '{D6526FE0-E651-11CF-99CB-00C04FD64497}'
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\AllowedControls\{D6526FE0-E651-11CF-99CB-00C04FD64497}
Val: 'NoConfigCache'
Added: Software\Policies\Microsoft\Windows\NetCache\NoCon figCache
Val: 'NoMakeAvailableOffline'
Added: Software\Policies\Microsoft\Windows\NetCache\NoMak eAvailableOffline
Val: 'NoCacheViewer'
Added: Software\Policies\Microsoft\Windows\NetCache\NoCac heViewer
Val: 'NC_RasConnect'
Added: Software\Policies\Microsoft\Windows\Network Connections\NC_RasConnect
Val: 'NC_LanConnect'
Added: Software\Policies\Microsoft\Windows\Network Connections\NC_LanConnect
Val: 'NC_LanProperties'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_LanProperties
Val: 'NC_RasMyProperties'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RasMyProperties
Val: 'NC_RasAllUserProperties'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RasAllUserProperties
Val: 'NC_RenameConnection'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RenameConnection
Val: 'NC_RenameMyRasConnection'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RenameMyRasConnection
Val: 'NC_AddRemoveComponents'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_AddRemoveComponents
Val: 'NC_ChangeBindState'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_ChangeBindState
Val: 'NC_LanChangeProperties'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_LanChangeProperties
Val: 'NC_RasChangeProperties'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RasChangeProperties
Val: 'NC_NewConnectionWizard'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_NewConnectionWizard
Val: 'NC_DialupPrefs'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_DialupPrefs
Val: 'NC_AdvancedSettings'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_AdvancedSettings
Val: 'NC_ShowSharedAccessUI'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_ShowSharedAccessUI
Val: 'NC_AllowAdvancedTCPIPConfig'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_AllowAdvancedTCPIPConfig
Val: 'DisableCMD'
Added: Software\Policies\Microsoft\Windows\System\Disable CMD
Exiting parseRegFile
Exiting AppendPolicy
C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol 0x0
Reverting to system impersonation.
Entered writeData. File:
C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol
Exiting writeData 0x0
Entered writeData. File:
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Re gistry.pol
No data.
Exiting writeData 0x0
Entered GenerateGptFile(C:\WINNT\System32\GroupPolicy.User Cache)
g_dwVersion: 0xc200c1.
Writing GPT Version to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0xc200c1 to GPT Version in key Software\Novell\Workstation
Manager\Group Policies
Exiting GenerateGptFile 0x0
Reading workstation cache
Entered MergeGptFile(C:\WINNT\System32\GroupPolicy.WksCach e, 0x30)
g_dwVersion: 0xc200c1.
Exiting MergeGptFile 0x0
Entered AppendPolicy
C:\WINNT\System32\GroupPolicy.WksCache\User\Regist ry.pol
Error 0x3 opening file
C:\WINNT\System32\GroupPolicy.WksCache\User\Regist ry.pol
File does not exist. Nonfatal error.
Exiting AppendPolicy
C:\WINNT\System32\GroupPolicy.WksCache\User\Regist ry.pol 0x0
Entered AppendPolicy
C:\WINNT\System32\GroupPolicy.WksCache\Machine\Reg istry.pol
Error 0x3 opening file
C:\WINNT\System32\GroupPolicy.WksCache\Machine\Reg istry.pol
File does not exist. Nonfatal error.
Exiting AppendPolicy
C:\WINNT\System32\GroupPolicy.WksCache\Machine\Reg istry.pol 0x0
Reading Group Policy Machine Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Group Policy
Machine Flags not found. Assuming 0
Workstation flags: 0x0
Entered MergeAndSavePolicies(0x0, C:\WINNT\System32\GroupPolicy.UserCache)
Applying workstation, then user policies
Entered MemAppendPolicy
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \ActiveDesktop\NoChangingW
allPaper
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoHardwareTab
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoWindowsUpdate
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoNetworkConnect
ions
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\ForceStartMenuLo
gOff
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\ClearRecentDocsO
nExit
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\Intellimenus
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoSaveSettings
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoMovingBands
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoRecentDocsNetH
ood
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoCloseDragDropB
ands
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoActiveDesktop
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoControlPanel
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoDeletePrinter
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoAddPrinter
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoAddPrint
er
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
DisablePersonalDirChange
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.DisablePer
sonalDirChange
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun
Trying to delete values under key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\**de
lvals.
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\1
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\2
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\3
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\4
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\5
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\6
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\7
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\DisallowRun\8
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\DisableRegistryToo
ls
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\DisableTaskMgr
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \System, val:
DisableLockWorkstation
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\**del.DisableLockW
orkstation
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddRemoveProg
rams
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoRemovePage
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddPage
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoWindowsSetupP
age
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddFromCDorFl
oppy
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddFromIntern
et
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddFromNetwor
k
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \WindowsUpdate\DisableWind
owsUpdateAccess
Added: Software\Policies\Microsoft\Conferencing\NoChat
Added: Software\Policies\Microsoft\Conferencing\NoSharing
Added: Software\Policies\Microsoft\Conferencing\NoSharing Desktop
Added: Software\Policies\Microsoft\Conferencing\NoSharing DosWindows
Added: Software\Policies\Microsoft\Conferencing\NoSharing Explorer
Added: Software\Policies\Microsoft\Conferencing\NoAllowCo ntrol
Added: Software\Policies\Microsoft\Conferencing\NoTrueCol orSharing
Added: Software\Policies\Microsoft\Conferencing\NoAppShar ing
Added: Software\Policies\Microsoft\Conferencing\NoGeneral Page
Added: Software\Policies\Microsoft\Conferencing\NoAdvance dCalling
Added: Software\Policies\Microsoft\Conferencing\NoSecurit yPage
Added: Software\Policies\Microsoft\Conferencing\NoAudioPa ge
Added: Software\Policies\Microsoft\Conferencing\NoVideoPa ge
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Advanced
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\HomePage
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Cache
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Connwiz
Admin Lock
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\Connection Settings
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Proxy
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\Autoconfig
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Profiles
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\Certificates
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Ratings
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\FormSuggest Passwords
Added: Software\Policies\Microsoft\Internet Explorer\Control Panel\Messaging
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\CalendarContact
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\ContentTab
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\ConnectionsTab
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\ProgramsTab
Added: Software\Policies\Microsoft\Internet Explorer\Control
Panel\AdvancedTab
Added: Software\Policies\Microsoft\MMC\RestrictAuthorMode
Added:
Software\Policies\Microsoft\MMC\{011BE22D-E453-11D1-945A-00C04FB984F9}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{1AA7F839-C7F5-11D0-A376-00C04FC9DA04}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{3CB6973D-3E6F-11D0-95DB-00A024D77700}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{53D6AB1D-2488-11D1-A28C-00C04FB94F17}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{58221C65-EA27-11CF-ADCF-00AA00A80033}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{58221C66-EA27-11CF-ADCF-00AA00A80033}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{58221C67-EA27-11CF-ADCF-00AA00A80033}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{5ADF5BF6-E452-11D1-945A-00C04FB984F9}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{5C659257-E236-11D2-8899-00104B2AFB46}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{5D6179C8-17EC-11D1-9AA9-00C04FD8FE93}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{677A2D94-28D9-11D1-A95B-008048918FB1}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{7478EF61-8C46-11d1-8D99-00A0C913CAD4}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{753EDB4D-2E1B-11D1-9064-00A0C90AB504}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{8EAD3A12-B2C1-11d0-83AA-00A0C92C9D5D}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{8F8F8DC0-5713-11D1-9551-0060B0576642}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{90087284-d6d6-11d0-8353-00a0c90640bf}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{95AD72F0-44CE-11D0-AE29-00AA004B9986}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{A841B6C2-7577-11D0-BB1F-00A0C922E79C}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{B91B6008-32D2-11D2-9888-00A0C925F917}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{C9BC92DF-5B9A-11D1-8F00-00C04FC2C17B}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{D967F824-9968-11D0-B936-00C04FD8D5B0}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{DEA8AFA0-CC85-11d0-9CE2-0080C7221EBD}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{E26D02A0-4C1F-11D1-9AA1-00C04FC3357A}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{E355E538-1C2E-11D0-8C37-00C04FD8FE93}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{EBC53A38-A23F-11D0-B09B-00C04FD8DCA6}\Restr
ict_Run
Added:
Software\Policies\Microsoft\MMC\{FD57D297-4FD9-11D1-854E-00C04FC31FD3}\Restr
ict_Run
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\AllowedControls\{D6526FE0-E651-11CF-99CB-00C04FD64497}
Added: Software\Policies\Microsoft\Windows\NetCache\NoCon figCache
Added: Software\Policies\Microsoft\Windows\NetCache\NoMak eAvailableOffline
Added: Software\Policies\Microsoft\Windows\NetCache\NoCac heViewer
Added: Software\Policies\Microsoft\Windows\Network Connections\NC_RasConnect
Added: Software\Policies\Microsoft\Windows\Network Connections\NC_LanConnect
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_LanProperties
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RasMyProperties
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RasAllUserProperties
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RenameConnection
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RenameMyRasConnection
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_AddRemoveComponents
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_ChangeBindState
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_LanChangeProperties
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RasChangeProperties
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_NewConnectionWizard
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_DialupPrefs
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_AdvancedSettings
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_ShowSharedAccessUI
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_AllowAdvancedTCPIPConfig
Added: Software\Policies\Microsoft\Windows\System\Disable CMD
Exiting MemAppendPolicy
Entered MemAppendPolicy
Nothing to append.
Reading Group Policy Machine Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Group Policy
Machine Flags not found. Assuming 0
Entered GPCopy(C:\WINNT\System32\GroupPolicy.WksCache,
C:\WINNT\System32\GroupPolicy, 0, handle, 0x0)
Error 3 copying C:\WINNT\System32\GroupPolicy.WksCache\GPT.ini to
C:\WINNT\System32\GroupPolicy\GPT.ini
GP_FLAG_APPLY_USER_SETTINGS (0x20), not set. Will not copy user folder
GP_FLAG_APPLY_COMP_SETTINGS (0x10), not set. Will not copy machine folder
GP_FLAG_APPLY_SECURITY_SETTINGS (0x40), not set, or security file already
copied. Will not copy security file
Error: no files copied.
Exiting GPCopy 0x2
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000060 in key
Software\Novell\Workstation Manager\Group Policies
Entered GPCopy(C:\WINNT\System32\GroupPolicy.UserCache,
C:\WINNT\System32\GroupPolicy, 0, handle, 0x80000060)
Copied C:\WINNT\System32\GroupPolicy.UserCache\GPT.ini to
C:\WINNT\System32\GroupPolicy\GPT.ini
Copied file
C:\WINNT\System32\GroupPolicy.UserCache\User\MICRO SOFT\IEAK\install.ins to
C:\WINNT\System32\GroupPolicy\User\MICROSOFT\IEAK\ install.ins
Copied file C:\WINNT\System32\GroupPolicy.UserCache\User\Regis try.pol to
C:\WINNT\System32\GroupPolicy\User\Registry.pol
GP_FLAG_APPLY_COMP_SETTINGS (0x10), not set. Will not copy machine folder
Copying security file
Copied file
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\GptTmpl.inf to
C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows
NT\SecEdit\GptTmpl.inf
Copied file
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\IPS1.dat to
C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows NT\SecEdit\IPS1.dat
Copied file
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\IPS2.dat to
C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows NT\SecEdit\IPS2.dat
Copied file
C:\WINNT\System32\GroupPolicy.UserCache\Machine\Mi crosoft\Windows
NT\SecEdit\IPS3.dat to
C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows NT\SecEdit\IPS3.dat
Exiting GPCopy 0x0
Entered writeData. File: C:\WINNT\System32\GroupPolicy\User\Registry.pol
Exiting writeData 0x0
Entered writeData. File: C:\WINNT\System32\GroupPolicy\Machine\Registry.pol
No data.
Exiting writeData 0x0
Exiting MergeAndSavePolicies 0x0
Entered GenerateGptFile(C:\WINNT\System32\GroupPolicy)
g_dwVersion: 0xc200c1.
Writing GPT Version to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0xc200c1 to GPT Version in key Software\Novell\Workstation
Manager\Group Policies
Exiting GenerateGptFile 0x0
Exiting ApplyGroupPolicy 0x0
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x2000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Writing Group Policy User Flags to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x80000060 to Group Policy User Flags in key
Software\Novell\Workstation Manager\Group Policies
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x3000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Entered AppendSecuritySettings
Inf path: C:\WINNT\System32\GroupPolicy\Machine\Microsoft\Wi ndows
NT\SecEdit\GptTmpl.inf
Dispatching SECEDIT.EXE /configure /DB ZENDB /CFG
"C:\WINNT\System32\GroupPolicy\Machine\Microsoft\W indows
NT\SecEdit\GptTmpl.inf" /log c:\GPSecApp.log.
LoadHive entered
LoadHive exit : 0
Exiting AppendSecuritySettings 0x0
Signalling OS to refresh policies
RegQueryValueEx returned 2
Policies are set to apply asynchronously
Policies will be processed asynchronously
Entered SetGptVersion(0x0, TRUE).
Reading GPT Version from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value GPT Version: 0xc200c1 in key Software\Novell\Workstation
Manager\Group Policies
Read file C:\WINNT\System32\GroupPolicy\GPT.ini
Found version 0xc200c1 in gpt.ini
Using version: 0xc200c1
Saving GPT version: 0xc300c2
Writing GPT Version to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0xc300c2 to GPT Version in key Software\Novell\Workstation
Manager\Group Policies
Exiting SetGptVersion 0x0.
Applied Computer Policy.
Applied User Policy.
Exiting ApplyPolicies 0x0
Writing Last Run Time High to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x1c4c14a to Last Run Time High in key
Software\Novell\Workstation Manager\Group Policies
Writing Last Run Time Low to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0xdd4dad14 to Last Run Time Low in key
Software\Novell\Workstation Manager\Group Policies
Apply user policies releasing mutex.
Exiting WMHelperInteractiveUserEntry ccode: 0x0
Closing log file.
WMHelperInitialization (Sep 22 2003) called! Flags: 0x2001. Event: 0x2000.
Impersonation: 0x1
Opened Mutex.
Loaded userenv.dll
Mapped function RefreshPolicy
Mapped function RegisterGPNotification
Mapped function UnregisterGPNotification
Exiting WMHelperInitialization. Returning flags: 0x11
Entering WMHelperInteractiveUserEntry!
szFullDN = CN=test2006.OU=2006.OU=STUDENTS.O=STJ
DN is Typed convert it to TYPELESS
g_szUserDN = test2006.2006.STUDENTS.STJ
GinaGetUsersSIDInTextualForm ENTERED
Textual SID : S-1-5-21-1908370602-1493435055-278805897-1055
GinaGetUsersSIDInTextualForm EXIT : 0
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Current time high: 0x1c4c14a
Reading Last Run Time High from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Last Run Time High: 0x1c4c14a in key
Software\Novell\Workstation Manager\Group Policies
Previous time high: 0x1c4c14a
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x1 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Writing User Logged In to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x1 to User Logged In in key Software\Novell\Workstation
Manager\Group Policies
Entered CheckForObsoleteWksCache CN=00:0D:60:40:D8:B7.OU=WORKSTATIONS.O=STJ.
Full Object DN
CN=00:0D:60:40:D8:B7.OU=WORKSTATIONS.O=STJ.OU=2006 .OU=STUDENTS.O=STJ
Calling WMGetAllAssociatedObjects(FALSE, MANGO, 1,
CN=00:0D:60:40:D8:B7.OU=WORKSTATIONS.O=STJ.OU=2006 .OU=STUDENTS.O=STJ, WINNT
Workstation Package, zenwmGroupPolicy, 512, pBuffer)
WMGetAllAssociatedObject returned 103
No associated workstation policies. Deleting
C:\WINNT\System32\GroupPolicy.WksCache.
DeleteGPRegVal: Error 0x2 deleting Group Policy Machine Flags
DeleteGPRegVal: Error 0x2 deleting Group Policy Machine Status
Exiting CheckForObsoleteWksCache 103
Applying user policies
Reading Don't reparse from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value Don't reparse: 0x1 in key Software\Novell\Workstation
Manager\Group Policies
Reading Group Policy User Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Status: 0x3000 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Status: 0x3000
Policy applied at predesktop. Skipping reapplication at user login.
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Writing Last Run Time High to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x1c4c14a to Last Run Time High in key
Software\Novell\Workstation Manager\Group Policies
Writing Last Run Time Low to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0xe0da0d06 to Last Run Time Low in key
Software\Novell\Workstation Manager\Group Policies
Apply user policies releasing mutex.
Exiting WMHelperInteractiveUserEntry ccode: 0x0
Closing log file.Paul,
It appears that in the past few days you have not received a response to your posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp
- Check all of the other support tools and options available at http://support.novell.com in both the "free product support" and "paid product support" drop down boxes.
- You could also try posting your message again. Make sure it is posted in the correct newsgroup. (http://support.novell.com/forums)
If this is a reply to a duplicate posting, please ignore and accept our apologies and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://support.novell.com/forums/ -
Username and Password Prompt Blocked Internet Explorer
I'm not sure that's IE behavior. I've never seen nor read about it before.
Hi All and thanks for your help!
I've wasted hours trying to find which of my (many many group policies) might be causing the IE to block the username / password prompt on this website.
What I've tried :
1. testing GPOs one by one on a VM to check which one is causing this
2. adding the site to trusted, local internet and what not
3. disabling credentials pass-through in IE
Can anyone please tell me which registry setting controls this behavior ?
This topic first appeared in the Spiceworks Community -
ASA 5505 VPN Group Policies (RADIUS) and tunnel group
I have a single ASA firewall protecting a small private developing network, and I need it in order to access remotely to two distinct network spaces both of wich are VLAN tagged: 1 is LAN and 3 is management. Each net has its own IP address space and DNS server.
I'd like to set up Anyconnect to land on lan 1, and SSL VPN in order to see the IPMI and management websites sitting on VLAN 3. In order to make things "safer" I have found a free OTP solution, OpenOTP, and I decided to implement it on a virtual machine, setting up a radius bridge to allow user authentication for VPN. I can pass wichever attribute I'd like to using this radius bridge (for example "Class" or "Group-Policy" or whatever is included in the radius dictionaries).
Actually all I need is quite simple. I have to segregate my remote users in 2 groups, one for Anyconnect, and one for SSL based on the radius response from authentication. (I don't need authorization nor accounting) I'm no Cisco Pro, what I've learnt is based on direct "on the field" experience.
I'm using two radius users for testing right now, one is called "kaisaron78" associated to a group policy "RemoteAC" and a second one called "manintra" associated to a group policy called "SSLPolicy". "kaisaron78" after logging in should only see the Anyconnect "deployment portal", while "manintra" should see the webvpn portal populated with the links specified in the URL list "Management_List". However, no matter what I do, I only see the default "clean" webvpn page. This is an example of "sh vpn-sessiondb webvpn" for both users..
Session Type: WebVPN
Username : kaisaron78 Index : 1
Public IP : 172.16.0.3
Protocol : Clientless
License : AnyConnect Premium
Encryption : Clientless: (1)RC4 Hashing : Clientless: (1)SHA1
Bytes Tx : 518483 Bytes Rx : 37549
Group Policy : RemoteAC Tunnel Group : DefaultWEBVPNGroup
Login Time : 10:59:33 CEDT Mon Aug 18 2014
Duration : 0h:00m:23s
Inactivity : 0h:00m:00s
VLAN Mapping : N/A VLAN : none
Audt Sess ID : c0a801fa0000100053f1c075
Security Grp : none
Asa5505# sh vpn-sessiondb webvpn
Session Type: WebVPN
Username : manintra Index : 2
Public IP : 172.16.0.3
Protocol : Clientless
License : AnyConnect Premium
Encryption : Clientless: (1)RC4 Hashing : Clientless: (1)SHA1
Bytes Tx : 238914 Bytes Rx : 10736
Group Policy : SSLPolicy Tunnel Group : DefaultWEBVPNGroup
Login Time : 11:01:02 CEDT Mon Aug 18 2014
Duration : 0h:00m:05s
Inactivity : 0h:00m:00s
VLAN Mapping : N/A VLAN : none
Audt Sess ID : c0a801fa0000200053f1c0ce
Security Grp : none
As you can see, it seems like the policies are assigned correctly by radius attribute Group-Policy. However, for example you'll notice no vlan mapping, even if I have declared them explicit in group policies themselves. This is the webvpn section of the CLI script I used to setup remote access.
! ADDRESS POOLS AND NAT
names
ip local pool AnyConnect_Pool 192.168.10.1-192.168.10.20 mask 255.255.255.0
object network NETWORK_OBJ_192.168.10.0_27
subnet 192.168.10.0 255.255.255.224
access-list Split_Tunnel_Anyconnect standard permit 192.168.1.0 255.255.255.0
nat (inside,outside) source static any any destination static NETWORK_OBJ_192.168.10.0_27 NETWORK_OBJ_192.168.10.0_27 no-proxy-arp route-lookup
! RADIUS SETUP
aaa-server OpenOTP protocol radius
aaa-server OpenOTP (inside) host 192.168.1.8
key ******
authentication-port 1812
accounting-port 1814
radius-common-pw ******
acl-netmask-convert auto-detect
webvpn
port 10443
enable outside
dtls port 10443
anyconnect image disk0:/anyconnect-win-3.1.05170-k9.pkg 1
anyconnect profiles AnyConnect_Profile_client_profile disk0:/AnyConnect_Profile_client_profile.xml
anyconnect enable
! LOCAL POLICIES
group-policy SSLPolicy internal
group-policy SSLPolicy attributes
vpn-tunnel-protocol ssl-clientless
vlan 3
dns-server value 10.5.1.5
default-domain value management.local
webvpn
url-list value Management_List
group-policy RemoteAC internal
group-policy RemoteAC attributes
vpn-tunnel-protocol ikev2 ssl-client
vlan 1
address-pools value AnyConnect_Pool
dns-server value 192.168.1.4
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Split_Tunnel_Anyconnect
default-domain value home.local
webvpn
anyconnect profiles value AnyConnect_Profile_client_profile type user
group-policy SSLLockdown internal
group-policy SSLLockdown attributes
vpn-simultaneous-logins 0
! DEFAULT TUNNEL
tunnel-group DefaultRAGroup general-attributes
authentication-server-group OpenOTP
tunnel-group DefaultWEBVPNGroup general-attributes
authentication-server-group OpenOTP
tunnel-group VPN_Tunnel type remote-access
tunnel-group VPN_Tunnel general-attributes
authentication-server-group OpenOTP
default-group-policy SSLLockdown
!END
I had to set up DefaultWEBVPNGroup and RAGroup that way otherwise I couldn't authenticate using radius (login failed every time). Seems like in ASDM the VPN_Tunnel isn't assigned to AnyConnect nor to Clientless VPN client profiles. Do I have to disable both default tunnel groups and set VPN_Tunnel as default on both connections in ASDM ? I know I'm doing something wrong but I can't see where the problem is. I'm struggling since may the 2nd on this, and I really need to finish setting this up ASAP!!!!
Any help will be more than appreciated.
Cesare GiulianiOk, it makes sense.
Last question then I'll try and report any success / failure. In this Cisco webpage, http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/ref_extserver.html#wp1661512 there's a list of supported radius attributes. Actually I'm using number 25 Group-Policy, in order to get the correct group policy assigned to users. I see, in that list an attribute 146 Tunnel-Group-Name. Will it work out for the purpose you explained in the previous post ? I mean, if I set up two tunnel groups instead of 1, 1 for anyconnect with its own alias and its own url, and 1 for SSL VPN again with its own alias and url, do you think that using that attribute will place my users logging in into the correct tunnel group ?
Thank you again for your precious and kind help, and for your patience as well!
Cesare Giuliani -
Our Bank's core processor has rewritten their product to run in a web browser. Their browser of choice is Firefox 3.6. The specifications from our core processor specify specific security and settings parameters that must be adhered to by all users for their product to run properly. Is there a way to globally configure these settings via the registry or group policies to insure everyone who logs in to a given workstation opens Firefox with the same settings? Thank you for any assistance you can provide - Steve Gish, First Bank Kansas.
== User Agent ==
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)You can try:
*http://kb.mozillazine.org/Locking_preferences -
Office 365 Group Policies question
We initially deployed Office 365 with updates turned off so about half of our users have an old version of Office 365. We want to now manage the updates using the new group policies for O365. I read this statement ...In
order for these four new policy settings to work, you will need to have at least the April 2014 build of Office 2013 Click-to-Run (Build 15.0.4605.1003) and download the latest Administrative templates files (ADMX/ADML).
Does this mean that the version on the PC has to have at least the April 2014 build to use the policies? If that's true how would I go about updating the users who have automatic updates turned off. there are a couple of thousand users.Does this mean that the version on the PC has to have at least the April 2014 build to use the policies? If that's true how would I go about updating the users who have automatic updates turned off. there are a couple of thousand users.
Yes.
Depending on how you deployed/deploy Office365ProPlus, and, the tools/techniques available to you in your environment, there are some options.
a) re-deploy Office365ProPlus to the computers. Use the latest build version.
b) check the relevant registry settings, and if correction is needed, deploy the correct registry settings.
These articles may help you to determine which of the multiple scenarios you have to deal with:
http://community.office365.com/en-us/f/156/t/220142.aspx
http://blogs.msdn.com/b/modonovan/archive/2014/04/09/office-365-pro-plus-fails-to-update-or-fails-with-error-code-30088-27.aspx
http://social.technet.microsoft.com/Forums/office/en-US/4369357e-5de9-4755-8f2c-33ae948b14fb/manually-triggering-updates-in-office-2013?forum=officeitpro
http://blogs.technet.com/b/office_resource_kit/archive/2013/06/17/automating-quick-repairs-in-office-365-proplus.aspx
http://blogs.technet.com/b/odsupport/archive/2014/03/03/the-new-update-now-feature-for-office-2013-click-to-run-for-office365-and-its-associated-command-line-and-switches.aspx
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
SSL Multiple Tunnel Groups with Multiple group policies
Hello folks.
Have a query and cant seem to find an answer on the web.
I have configured SSL Clientless VPN on a lab ASA5510, using 2 tunnel groups, one for enginneers and one for staff, mapped to 2 different group policies, each with different customisation. I have mapped the AD groups to the tunnel groups using both ACS and now LDAP (currently in use), both working successfully, using group lock and LDAP map of IETF-Radius-Class to Group name ensures engineers get assigned to the engineers tunnel group and staff get mapped to the staff tunnel group only.
The question i have is....is there a way to use a single tunnel group to map the user based on AD group which will then use the correct Group-policy (1 tunnel group to multiple group-polciies). I have seen examples of doing this with different URLs but want to know if they can all use the same URL and avoid using the drop down list using aliases.
It may be a simple "No" but it would be nice to know how to do it without using the URLs or drop down list. Users are easily confused ......Easy. Disable the drop-down list, and use the authentication-server (LDAP or Radius) in the DefaultWEBVPNGroup. By default when you browse to the ASA, it will be using the DefaultWEBVPNGroup. Let LDAP or Radius take care of the rest.
You will get the functionality you are looking for.
HTH
PS. If this post was helpful, please rate it.
Maybe you are looking for
-
Can I stream the BT Sport app to my TV?
Can I stream the BT Sport app to my TV? The BT Sport app is compatible with both Apple TV and Google Chromecast devices, allowing you to watch video from the app on your television. For either to work, the device on which you are running the BT Sport
-
Problems with driver for ATI xpress 200
Hi all, this morning I saw that there is KDE4 available. Straight away I installed the packages, run it and it crashed. There was a funny graphical effect just before the crash. This gave me the impression that the problems comes from the graphical d
-
I can't print a label for my burned CD with the new ITunes format
Where can I find a place on the new ITunes format to print a CD Label?
-
Since 5/2/11, the Google Moble app returns results in which the page links are not active, i.e. they will not open. Normally they either open from with the Google Mobile app, or open within the s60 browser (shown as "Web" in the applications folder)
-
Hello, I configured some VRF -s and redistribution between them using import and export maps on vrf configuration. The route-maps are matching prefix list statements to allow import and export. The problem is that i have to clear bgp for the changes