Local Security Policy not showing up in GPRESULT

I was double checking some security settings on one of our systems. I could trace back everything to group membership and Group Policy, except for one thing. There was a ‘SeImpersonatePrivilege’ in a user token (verified via ProcessExplorer) yet it was nowhere to be found.

Normally this is the sort of thing you’d find via GPRESULT except that, too, came up blank. Impersonation was not configured. I decided to manually check the Local Security Security policy and there it was.

That solved half my problem. I had a full understanding of where every security configuration came from. The other half was still not clear: Why didn’t it show up in GPRESULT. Because GPRESULT -does- take Local Group Policy into account yet it didn’t show those specific settings.

As it turns out, RSOP gathers policies data from a Common Information Model Object Management (CIMOM) database on the local computer. Local Group Policy is not stored in this database and cannot be queried by RSOP. Gpedit.msc and secpol.msc just edits system settings directly.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

IUnknown

My personal slice of internet :-)

Leave a Reply Cancel reply

Share this:

Like this:

Related

Leave a Reply Cancel reply