Anyone got any experience implementing Win2k workstations on an NT4 network.

Have setup a downloadablec NTCONFIG.POL on the NTV4 servers , replication is happening on all bdc's so they all have a copy of the ntconfig.pol and the usual startup batch files - the machine end of the policies seem to be taking effect but the user policies are non-existant.

All desktop systems are win2k pro.

We have two non-DC win2k servers but management have decided that AD is a no-go as we will be implementing Novell NDS soon so group policy is a nono!!!

Im just a bit flummoxed by the user policies (in ntconfig.pol) not taking effect in 2000 Pro domain logins - Is there something I have missed???

Are you seeking to enforce mandatory policies? Don't forget the old xxxxx.MAN thing.

No bill just trying to get the user policy to work.

Fixed it anyway only through sheer persistence as none of my microsoft books gives any info away but apparently I created a new group - assigned the user to the group and applied the policy to the group and it worked - doesnt seem to work with individual users - only Machine Account and Group Acccount.

Ah Weel at least its another biot of knowledge into the personal database!!!

Think you're thinking of profiles not policies with the old .man.
Cheers for replying anyway!!

Well - I still haven't been given the opportunity to bone up on my enterprise skills. No one is hiring. :(

Know what you mean - wages are disastrous here - have been wondering whether it was worth my while studying IT (Remember the days when yer mum said - Computers are the future son - a good steady career with plenty of scope for wages etc)....

If only life was as good as mums cherry pie eh!!!
:D
:t

Never mind have just got a contract to install a cisco aironet network , spec it and link it into the existing cisco systems so should be able to put my new CCNP to the test so to speak - hehe...So be prepared for some Cisco related WLan questions later when everything goes belly up!!!
:D

CCNP and no wage rise - crazy or what?

What a shame. :(

Yeah shame for the company I work for - A few more training courses - Got Novell CNE and Groupwise next for the new rollout and then Im off to a better paid job if I can find one - Well serves them right!!!

Comapnies think they can throw training at you and expect you to accept that as a wage rise - Really!!!!

:eek:

:t

Getting back to the original question, you could create a local policy on a win2k workstation and then export that as a template using secedit. I haven't tried this on my network, since I have group policies, but it's worth looking into.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/proddocs/Secedit_cmds.asp

As for the training ****, I don't get jack either. They expect so much because they don't comprehend what is required to run a network. No one pats you on the back when everything is running. The only time they notice I'm alive is when there is a problem. :p

I should have given more info at the beginning.

The machines in question are to be deployed as internet kiosks in a library - they have to be locked down to the max - only IE is to be accessed - every possible security lockdown - so I cant create a win2k policy local as it will require locking hte machine completely out.

The NTV4 policy takes care of most of the individual policy so I can logon as local admin and change the machine name etc when i replicate it once its built - If I just use local policy 2000 the local admin would be locked out as well!!!

So the ntv4 policy lets me back in and the remaining windows 2000 local policy i have setup basically locks down everything else the ntv4 cant - like the ie properties pages.

Its a real pain having to do it this way but not having AD makes running a ntv4 domaina real pain if you want to apply some serious policies!!!

Ive done it before using batch files to manually fiddle with the registry but that takes development time and I dont have the time at the mo what with a Wireless network to spec , order and configure within 3 weeks - All being Cisco gear it makes the job a bit easier though!!!