Manual adding:
In run type—secpol.msc-->Click on Local Policies-->Click On user right assignment-->Access this computer from network
How to add using NT
rights.exe
You can download NT rights tool from the below link
Command available in NT rights
Grants/Revokes NT-Rights to a user/group
usage: -u xxx User/Group
-m \\xxx machine to perform the operation on (default
local machine)
-e xxxxx Add xxxxx
to the event log
-r xxx revokes the xxx right
+r xxx grants the xxx right
The following is a list
of logon user rights that you can modify by using the NTRights utility.
|
User Right
|
Explanation
|
|
SeNetworkLogonRight
|
Access this computer
from the network
|
|
SeInteractiveLogonRight
|
Log on locally
|
|
SeBatchLogonRight
|
Log on as a batch
job
|
|
SeServiceLogonRight
|
Log on as a service
|
|
SeDenyNetworkLogonRight
|
Deny access this
computer from the network
|
|
SeDenyInteractiveLogonRight
|
Deny log on locally
|
|
SeDenyBatchLogonRight
|
Deny log on as a
batch job
|
|
SeDenyServiceLogonRight
|
Deny log on as a
service
|
|
SeCreateGlobalPrivilege
|
Create global
objects
|
|
SeDebugPrivilege
|
Debug programs
|
|
SeDenyRemoteInteractiveLogonRight
|
Deny log on through
Terminal Services
|
|
SeEnableDelegationPrivilege
|
Enable computer and
user accounts to be trusted for delegation
|
|
SeImpersonatePrivilege
|
Impersonate a client
after authentication
|
|
SeManageVolumePrivilege
|
Perform volume
maintenance tasks
|
|
SeRemoteInteractiveLogonRight
|
Allow log on through
Terminal Services
|
|
SeSyncAgentPrivilege
|
Synchronize
directory service data
|
|
SeUndockPrivilege
|
Remove computer from
docking station
|
Command line for adding AD group to access this computer
from the network:
Copy ntrights.exe to system32
In command prompt type below command
Ntrights.exe –u “Test
AD” +R SeNetworkLogonRight
Command line for removing AD group to access this computer
from the network
Copy ntrights.exe to system32
In command prompt type below command
Ntrights.exe –u “Test
AD” -R SeNetworkLogonRight
No comments:
Post a Comment