Using local Security Policies in Windows XP
Windows XP Professional Edition allows full User Management and Security.
The permissions assigned to the Usergroups (assigned in User Management to users)
are defined in the Local Security Policies: select in the Control-panel :
"Administrative Tools" :
Local Security Policy
Select in the tree-view on the left : Security Settings / Local Policies / User Rights Assignment :
The "policies" are the permissions, which are/can be assigned to Usergroups
(and also to single usernames, although it is a kind of tradition to assign permissions to a usergroup
and then make the user a member of the usergroup to get the permissions ).
|Double click on a policy/permission to display|
the list of usergroups, which have already this
Note : all users created in User Management
are automatically member of the Usergroup
To add a usergroup, use the button
"Add User or Group..."
|To get a lookup of the|
usergroups and users, select
|Use the button "Find Now"|
to display the list of Users
and UserGroups, then
select to assign the permission.
The Local Security Policies also define some rules for the use of passwords:
By default, users will be requested to change their passwords every 42 days
(unless you have declared a password to "never expire" in User management ).
|Double-click the entries to change the values.|
You can change the password to expire
already in less days or in more days (max. 999).
|If you like to avoid password changes,|
change the value to 0.
The security policies also allow to define the behavior of the system, if somebody is entering
a bad/wrong password several times : it could be an intruder, making some guesses of passwords
and trying them: