Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
win_lgpo: User Rights Assignment policies #48661
When making changes or changes required, always returns true. But no change happened. User rights assignments exists in
Before: (using lgpo.get machine)
in SLS file:
Result is same as before using lgpo.get
secedit /export looks the same as before:
If an item is already in the desired state, STDOUT says the proper comment field:
Another observation that may narrow down TS. This observation happens on sporadic line items in local gpedit(s). In this particular example, its in Windows Updates.
When above setting is already in desired state:
when changes are needed:
@mike2523 User rights assignments are cumulative by default (think you already know this based on #49582), so if you're wanting to remove Backup Operators (i.e. only grant the users in your state the rights), you'll have to do:
I will look at the comment output though.