O'Reilly logo

Managing The Windows 2000 Registry by Paul Robichaux

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Distributing Policies

Once you’ve created policy files that contain the access controls you want to enforce, you still have to get those policies to each machine you want to be under policy control. This process, called policy distribution, is probably the most complex part of the policy development process, since how you do it depends on whether you want to use policies on one machine, a few machines, or many machines.

Applying Policies to One Machine at a Time

The simplest way to apply policies is to put them on individual machines. For example, you might want to apply policies to keep transient users from making changes to the configuration of public workstations in a library, factory floor, or conference room. For this type of requirement, you don’t need to blast policies to every machine on a network; a more surgical approach lets you put policies only where you really need them.

Setting policies on the local machine

POLEDIT allows you to edit the local computer’s Registry using the same interface you’d use to edit policies. When you use the FileOpen Registry command, POLEDIT acts as if you’d opened a new policy file, but it actually loads data from the local Registry and displays it as two user policies: “Local User” and “Local Computer” instead of “Default User” and “Default Computer.”

You can edit the contents of these policies as though you were editing any other policy. However, you can’t create new user, group, or computer policies while the local Registry is open. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required