select in the Control-panel:
Local Security Policy
Select in the tree-view on the left : Security Settings / Local Policies / User Rights Assignment:
The "policies" are the permissions, which are/can be assigned to Usergroups (and also to single usernames, although it is a kind of tradition to assign permissions to a usergroup and then make the user a member of the usergroup to get the permissions ).
Double click on a policy/permission to display the list of usergroups, which have already this permission.
Note : all users created in User Management are automatically member of the Usergroup "Everyone"
To add a usergroup, use the button "Add User or Group..."
To get a lookup of the usergroups and users, select "Advanced"
Use the button "Find Now" to display the list of Users and UserGroups, then select to assign the permission.
The Local Security Policies also define some rules for the use of passwords:
By default, users will be requested to change their passwords every 42 days (unless you have declared a password to "never expire" in User management).
Double-click the entries to change the values.
You can change the password to expire already in less days or in more days (max. 999).
If you like to avoid password changes, change the value to 0.
The security policies also allow to define the behavior of the system, if somebody is entering a bad/wrong password several times : it could be an intruder, making some guesses of passwords and trying them: