Security Policy Settings

Security policy settings are among the settings contained in Group Policy objects (GPOs). When you edit security settings in a local GPO, only the security policy settings on that computer are affected. When you edit security policy settings in a GPO in Active Directory Domain Services (AD DS), the policy settings affect sites, domains, and organizational units (OUs) to which the GPO is linked. Some settings, such as password policy settings, are only operative at the domain level.

Windows Vista Security Policy Settings

The following security policy settings are available in Windows Vista.

  • Account Policy Settings
    • Password Policy
    • Account Lockout Policy
  • Local Policy Settings
    • Kerberos Policy
    • Audit Policy
    • User Rights Assignment
    • Security Options
  • Event Log Settings
  • Restricted Groups Settings
  • System Services Settings
  • Registry Settings
  • File System Settings

For more information about Vista security policy settings, see the following articles:

For information about Group Policy and security policy settings for Windows, including file names, policy path, scope, registry settings, reboot and logoff requirements, plus Active Directory schema or domain requirements, see the downloadable spreadsheet "Group Policy Settings Reference Windows Vista" (

Windows Server 2003 Security Policy Settings

To view the following Windows Server 2003 security policy settings, see Security Policy Settings.

  • Account Policies
  • Local Policies
  • Event Log
  • Restricted Group
  • System Services
  • Registry
  • File System
  • Wireless Network (802.11) Policies
  • Public Key Policies
  • Software Restriction Policies
  • IP Security Policies on Active Directory