Rule Check: Local User Rights Assignment (Windows)
The Local User Rights Assignment check for Windows verifies whether the provided set of users and/or groups encompasses all who are assigned to the specified user right (policy) on a scanned server.
User Rights Assignment is part of the Local Security Policy on a Windows server. It assigns users and groups to each security right on the server. Over 40 different rights are defined.
This check passes if all users and groups on the supplied list have the selected right. The check fails if any of the users or groups does not have that right, or if others who do have the right are missing from the list. You can use the check to verify that only appropriate users and groups have a given right on the server.
The name of an individual user right that can be assigned. Select one from the drop-down list.
The name(s) of one or more users or groups that should have the selected security right. Separate individual group or user names with commas. The order of the names in the list does not matter.
Note: This field accepts input that includes the special characters "@" and "\", so that you can supply domain user account names.
Some valid examples are:
Some examples that will not work:
Note: The user "NT SERVICE\WdiServiceHost" cannot be specified by name. For this user only, you must provide the SID instead of the username.
|Remedial Suggestion (optional)||