none
Local Security Policy

    Question

  • I have been searching for while but could not find an answer to this issue. I am on Windows Server 2008 R2 Enterprise edition and in Local Security Policy I am unable to select "Disable" for Network Access: Do not allow storage of passwords and credentials for network authentication.  This option is grayed out for me and the reason I need to change it is because I have some tasks in task scheduler that I need to run at the highest privileges but it errors out when doing so. After some research, i found that the resolution was to allow storage of those credentials. How do I get around this problem?
    Monday, July 22, 2013 3:55 PM

Answers

  • Hi,

    "Disabled" is the default state of this setting, i.e., the default state permits the storage of passwords and credentials.
    If you set this setting to the non-default of "Enabled", you are invoking the denial of storage of those tokens.

    As to why you are unable to change the setting, you need to be logged on with privilege and also be elevated (using the Local Administrator account will get you this).
    You could also be under the constraint of AD Group Policy ? (Domain GP overrides Local GP)


    Don
    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
    This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

    • Marked as answer by LluvianBlack Monday, July 29, 2013 1:09 PM
    Tuesday, July 23, 2013 2:03 AM