The effective settings in the Local Security policy are not updated with current changes. (NETIQKB35010)

fact
VigilEnt Security Agent for Windows 3.x

fact
VigilEnt Security Agent for Windows 4.0

fact
NetIQ Vulnerability Manager Agent for Windows 5.0

fact
VigilEnt Security Agent for Windows Detect

symptom
The effective settings in the Local Security policy are not updated with current changes.

cause
The user logging on to the machine is using cached Domain Group Policy Object (GPO) settings and will only update every 16 hours (if no changes made to GPO) or every 90 minutes (if changes are made to the GPO).

fix

To force an update of the Domain Group Policy Object settings on the local machine follow the instructions below:

1. Click Start | Settings | Control Panel | Administrative Tools | Local Security Policy.
   
2. Double-click Local Security Policy to open the 'Local Security Policy Settings' window.
   
3. Within the 'Local Security Policy Settings' window expand the Local Policies tree.
   
4. Select the Audit Policy folder and the Local Audit Policies will appear in the right hand pane.
   
5. Right-click the Policy you want to modify for the local system and select Security.
   
6. Modify the Local Security Policy Setting accordingly and click OK.
   
7. On the local computer click Start | Run, type CMD and hit Enter.
   
8. The DOS window will pop up, within this window type the following and hit Enter:
   
   SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE
   
9. The window will return the following message:
   
   " Group policy propagation from the domain has been initiated for this computer. It may take a few minutes for the propagation to complete and the new policy to take effect. Please check Application Log for errors, if any."
   
10. Close the 'Local Security Policy' window and wait a minute or so. 
    
11. Re-open the Local Security Policy and verify your new settings appear in the Effective Settings column.

 

Formerly known as NETIQKB35010