Increase Quotas in Local Security Policy of Windows 2000

  • Thread starter Thread starter JD
  • Start date Start date
J

JD

Hi All,

I've done the basic research on the "Increase quotas" setting in Local
Security Policy | User Rights Assignment of Windows 2000 Server but
have yet to find a straight answer to the question below.

If I remove Administrators from the Effective Setting will it cause
harm? So far my test server seems to function correctly, Performance
Monitoring works great, that is what I read may be impacted. I realize
Cluster Administrator and SQL service related accounts will need this
setting but does the whole Administrators group require access?

Any advice is greatly appreciated.
Thanks -
JD
 
If everything works well I would not worry about not including administrators
keeping in mind that if something does not work as it should at a later time you
may need to tweak that user right if that is the problem. I also suggest that
you enable auditing of privilege use for failure on your servers as it should
record a failure event for a privilege [user right] if the user tries to perform
a task that requires a user right that he does not have. There are a few common
user rights that are not audited unless you make a registry change if you have a
need to audit them. The link below explains more. --- Steve

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/521.mspx
--- auditing of privilige use.
 
Back
Top