D
Dups
I am a consultant of a large company. I take care of several workstations in
my office. They are all Windows XP SP2. All workstations are on the same
domain.
I have all the people that use the workstations and myself setup as local
admins. When anyone of them tries going to www.update.microsoft.com they get
the error message saying that some policies are preventing them from
accessing the site. However, if I log on with my domain username I am able
to access the update site.
I have never asked to be a member of a domain group that has more access
than a regular user. However, from what I am experiencing with the update
site I assume that my username is part of some sort of domain group that has
access to the windows update site (or is there another explanation?)
So here are my questions.
Q1: With what you've read above. Is there another explanation as to why I
can access the windows update site while others cannot?
To my knowledge when you add a workstation onto the domain. There are domain
policies that come into effect. The domain policies should take over any
local policies that are in effect.
Q2: Can domain policies be applied different to different users depending on
the domain groups they belong to?
All workstations have "Download updates for me, but let me choose when to
install them" selected (greyed out so I assume the domain policy has choosen
this). This is fine, however, nobody ever receives a popup declaring that
there are updates needing to be installed. (I checked the local group
policies for Automatic Updates and there is nothing configured to disable the
pop ups). So I check the security center and notice that, once again
assuming, that the "Change the way Security Center alerts me" option is
greyed out. I assume that the option for Windows Update is not enabled in
here and this is the reason why nobody is receiving a notice that updates are
required. The only option I found in the local group policy editor is "Turn
on Security Center (Domain PCs only). Which doesn't seem to be an option that
will help fix my problem.
Q3: Is there a way to edit something in either the local group policies,
registry or somewhere that would allow me to "ungrey" the greyed out options
in Security Center?
my office. They are all Windows XP SP2. All workstations are on the same
domain.
I have all the people that use the workstations and myself setup as local
admins. When anyone of them tries going to www.update.microsoft.com they get
the error message saying that some policies are preventing them from
accessing the site. However, if I log on with my domain username I am able
to access the update site.
I have never asked to be a member of a domain group that has more access
than a regular user. However, from what I am experiencing with the update
site I assume that my username is part of some sort of domain group that has
access to the windows update site (or is there another explanation?)
So here are my questions.
Q1: With what you've read above. Is there another explanation as to why I
can access the windows update site while others cannot?
To my knowledge when you add a workstation onto the domain. There are domain
policies that come into effect. The domain policies should take over any
local policies that are in effect.
Q2: Can domain policies be applied different to different users depending on
the domain groups they belong to?
All workstations have "Download updates for me, but let me choose when to
install them" selected (greyed out so I assume the domain policy has choosen
this). This is fine, however, nobody ever receives a popup declaring that
there are updates needing to be installed. (I checked the local group
policies for Automatic Updates and there is nothing configured to disable the
pop ups). So I check the security center and notice that, once again
assuming, that the "Change the way Security Center alerts me" option is
greyed out. I assume that the option for Windows Update is not enabled in
here and this is the reason why nobody is receiving a notice that updates are
required. The only option I found in the local group policy editor is "Turn
on Security Center (Domain PCs only). Which doesn't seem to be an option that
will help fix my problem.
Q3: Is there a way to edit something in either the local group policies,
registry or somewhere that would allow me to "ungrey" the greyed out options
in Security Center?