We have a few servers we want to use DCM against that are not domain members. We have created a baseline in SCM from the WS03-EC-Member-Server baseline and exported it to a GPO backup. Next we used LocalGPO tool to import the settings on to the server. If we use Local Security Setting tool on the server, we can see the setting have been applied correctly. But when we evaluate the server against the DCM baseline created from the same baseline used to create the GPO backup, the server is found to be non-compliant, in fact it doesn't seem to see any of the settings. Does anyone know what might cause this?Thursday, February 17, 2011 7:49 PM
If it is showing Non-compliant, is it reporting 0 instances found, or is it finding something that is different than the expected value?
This posting is provided "AS IS", provides no warranties, and confers no rights. -- KevinMonday, February 28, 2011 7:03 PMModerator
It is showing results other then expected.
For example for the "Audit account logon events" setting, it is looking for the result of "Success", but reporting the current value as "No Audting", eve thoigh when I launch the Local Security settings MMC and look I see the Audit Account logon events is set to "Success"Monday, February 28, 2011 7:17 PM
This is strange. I would think if it were a bug it would just not be finding the setting. The fact that it is discovering a valid result of "No Auditing", it must be getting it from somewhere.
So, the question is, is this related to rights (DCM runs as system account on the machine), or is it related to local policy vs. domain policy?
I don't know much about GPO, but that's where I'd start looking.
This posting is provided "AS IS", provides no warranties, and confers no rights. -- KevinWednesday, March 02, 2011 12:25 AMModerator