I'm building a network application that I would like to have as "integrated"
into Windows as possibly. The application is one which many users will be
logged into at once, and each user has different roles that define the
actions they can take.
I would like to publish my "actions" to Windows (specifically Active
Directory) so that they show up in the "User Rights Assignment" section of
the "Local Security Policy" or "Active Directory Security Policy" MMC
snap-in.
Ideally, one the actions are published, Administrators can then, using
standard Windows tools, select the groups or roles that define what users
can perform which actions.
The problem is that I can't decide if Group Policy Objects are what I'm
looking for, and if they are, I can't figure out how to create them.
Does anyone know how to create entries in the "User Rights Assignment"
section of the various policies, or know how to read them out?
--
Chris Mullins