Delete the VPN Policies in ASDM 7 Group
A bit of a catch-22 here: I'm trying to remove VPN group policies but the error message that the policy is being used by a particular connection profile. When I try to delete the connection profile, I get the message that it is in use by a VPN group policy...
What else is there to remove or should I use the CLI?
Thank you in advance!
You do not (and cannot) to remove the connection profile, but you should Remove your policy grop since the connection profile.
From the cli:
attributes global-tunnel-group SOME_GROUP
No group policy - by default-SOME_GP
After that, group policy may be deleted as you want, as long it not used elsewhere.
Tags: Cisco Security
Similar Questions
-
Help, please! Connected to the VPN, but cannot access internal servers.
Hi friends,
I'm a newbie on vpn stuff, I set up a base on a Cisco ASA 5505 vpn by using ASDM, and I was able to connect to it. However, I can't ssh or RDP to one of the servers in the House after that I connected to the vpn. Here is the configuration. Help, please!
ASA Version 8.2 (5)
!
hostname sc - asa
domain abc.com
enable the encrypted password xxxxxxxxx
xxxxxxxxx encrypted passwd
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP address dhcp setroute
!
passive FTP mode
DNS server-group DefaultDNS
domain OpenDNS.com
sc-pool_splitTunnelAcl-list of allowed access standard 192.168.1.0 255.255.255.0
inside_nat0_outbound to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.1.96 255.255.255.240
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
IP local pool sc-192.168.1.100 - 192.168.1.110 mask 255.255.255.0
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
Global 1 interface (outside)
NAT (inside) 0-list of access inside_nat0_outbound
NAT (inside) 1 0.0.0.0 0.0.0.0
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
Enable http server
http 192.168.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 pfs Group1 set
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Telnet timeout 5
SSH timeout 5
Console timeout 0
interface ID client DHCP-client to the outside
dhcpd outside auto_config
!
dhcpd address 192.168.1.5 - 192.168.1.36 inside
dhcpd dns 208.67.222.222 208.67.220.220 interface inside
rental contract interface 86400 dhcpd inside
dhcpd abc.com domain inside interface
dhcpd allow inside
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
SSL encryption rc4 - md5, rc4-aes128-sha1 aes256-3des-sha1 sha1 sha1
WebVPN
abc group policy - sc internal
attributes of the strategy of group abc - sc
value of server DNS 208.67.222.222 192.168.1.3
Protocol-tunnel-VPN IPSec
Split-tunnel-policy tunnelspecified
Split-tunnel-network-list value abc-sc_splitTunnelAcl
field default value abc.com
a001 xxxxxxxxxxx encrypted password username
a002 xxxxxxxxxxx encrypted password username
username a003 encrypted password privilege 0 xxxxxxxxxxx
a003 username attributes
Strategy Group-VPN-abc-sc
a004 xxxxxxxxxxx encrypted password privilege 0 username
a004 username attributes
Strategy Group-VPN-abc-sc
a005 xxxxxxxxxxx encrypted password username
a006 xxxxxxxxxxx encrypted password username
username privilege 15 encrypted password xxxxxxxxxxx a007
remote access to tunnel-group abc - sc type
attributes global-tunnel-group-abc - sc
address sc-pool pool
Group Policy - by default-abc-sc
tunnel-group abc - sc ipsec-attributes
pre-shared key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:e7df4fa4b60a252d806ca5222d48883b
: end
Hello
I would suggest you start by changing the pool VPN to something else than the current LAN network and see if that helps
These should be the configuration required to achieve this goal
- First remove us pool setup VPN VPN
- Then we delete the VPN Pool and create again with an another address space
- When then attach this new Pool of VPN again to the VPN configuration
- In the last step, we add a NAT0 / exempt for this new pool VPN NAT configuration and remove the old ACL line for the former group of VPN
attributes global-tunnel-group-abc - sc
no address-sc-swimming pool
no ip local pool sc 192.168.1.100 - 192.168.1.110 mask 255.255.255.0
IP local pool sc-192.168.100.100 - 192.168.100.110 mask 255.255.255.0
attributes global-tunnel-group-abc - sc
address sc-pool pool
inside_nat0_outbound to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.100.0 255.255.255.0
No inside_nat0_outbound access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.1.96 255.255.255.240
-Jouni
-
Cancel the assignment of users to a group of IOM using the API/Java Code
Hello OIMers,
Can you please tell me how can I delete the assignment a belonging to a group through code?
This is the case:
When the user is deleted from Active Directory, I want to cancel the user from a group, assumes that the name of the group is "employed full-time."
Currently how do is click the profile in the administration Console, then select group of drop down and then select Cancel this group assignment.
Please tell me how to do the above tasks programmatically, it would solve my problem.
Thanks to all in advance.
Kind regards
VSNHave you tried findGroups?
You get a result set with only one entry and then just do a:
long groupKey = groups.getLongValue("Groups.Key");
Hope this helps
-Martin -
delete the printer driver by political group or batch script
I am migrating our server F & P from 2003 to 2008. I created all of the printers in server 2008 and tested, and they print correctly. Test the issue I am running is this: I can add the printer Server 2008 for fine local workstation, but users are unable to print the new queue. If I go ahead and deleted the printer and remove the driver completely and then add the printer on 2008 server works very well. So, I'm looking for a way to remove printers and drivers of each workstation via Group Policy or batch scripts to make my life easier. Thank you.
Hello
Given that the problem is related to the windows server, I suggest you post this question in the Windows Server Forums.
http://social.technet.Microsoft.com/forums/en-us/winserverGP/threads -
ISE 1.3.0.876 - cannot delete the Group of network devices
Hello
When I try to delete a NDG I tells me "this node cannot remove because it contains devices or subgroups.
When I search in the peripheral topic network no devices are part of the group, and it has no sub-groups in this group.
So what don't understand me?
Brian
Hi Brian,.
If you have checked everything regarding the configuration and we are still not able to remove the NDG group.
In this scenario, that the problem is although the n group is not referenced for an any Nagels when we try to delete the n group, it will throw an error "this node cannot remove because it contains devices or subgroups.
The reason for this problem is that previously when n use this group of n, and if we reference out of this group of n, "dereferenced" information only are not updated in the database table and thus causing the issue when deleting GUI. He still thinks as if it has references.
You may need to open a TAC case for this because it will be access to the SQL DB of the ISE and you don't have access to him.
Kind regards
Aditya
-
VPN concentrator to transmit user group information to the IAS server?
All,
the feeling that the answer will be no, but we have replaced our MS RAS server using a VPN 3030 using an IAS server for authentication on a Win2k3 domain. The question we have is that some people share files FCP with people from other groups. HIA just validates the user password and verifies that they are in a private network allowed virtual group, which is then allowing them access more than they should, is it all the same for the hub the information on an IAS to control server as well? If not, does anyone know how to check popular ID using the remote VPN access are in the right group to which they are connected?
Sorry I think I did the above clear as mud!
Do not know your question, but you can cause the IAS server to assign a group to a user by adding the attribute class to a specific IAS security policy. Add class = OU = groupname; (do not omit the semicolon) for the attributes RADIUS IAS policy against which a user will be auth, and this will have an impact to the 3030, which will assign them to the appropriate group.
I hope this helps.
-
I was trying to the vpn Wizard ASDM allows you to download the new client anyconnect 4.2 and I got errors saying that the file is not valid.
Should which file I download in order for customers to download the vpn client.
I have asa x 5506
Hello
You must use the anyconnect file you get from cisco.com or Cisco partner and download, the .pkg file extension
for example:
# poster run | grep anyconnect
AnyConnect image disk0:/anyconnect-win-4.2.01022-k9.pkg 1HTH
Samer.
-
Problem with deleting the object embedded in the ASA 5580 8.4 code groups (4) 1
Model: Cisco ASA5580-40
Code version: 8.4 (4) 1
Version 6.4 Device Manager (9)
I've been running this code since June of 2012 and so far all seems to work fine until recently, when I started a project to clean up some groups of embeded objects I start running in this weird error. Our company has been going through somre restructuring process and simplified the VPN groups, so I was asked to clean up all the old VPN groups (who are be created in ACL objects and integrated within other ACL object groups). This problem seems to be the case on a random basis, so I don't know if it's a bug problem.
To illustrate, for example I'm trying to remove the built-in Office infrastructure VPN address space
the hosts_able_to_ssh_to_server123 object-group network
object Group limited-i_remote_vpn_address_space
purpose of group office_infrastructure_remote_vpn_address_space
Normally, I only need to enter the group object for ssh for SERVEUR123 and do a:
object-group network hosts_able_to_ssh_to_server123 asa5580-001-the (config) #.
asa5580-001-lax06(config-network-object-group) # no object-group office_infrastructure_remote_vpn_address_space
BUT I came across this error:
Remove obj object-group (hosts_able_to_ssh_to_server123) has failed;
obj does not exist in this group
Has anyone else encountered this error
Hello
Seems it should work perfectly. Especially when we just remove a "object-group" inside another "object-group.
I went through a few Bug IDs and it was the only one, I could very well on a look that could match your situation. And then it does not really provide any useful information either
Click on the image to view a larger version of it
Maybe it's a bug. Does not appear that there are very precise information on this subject on the site either.
Personally, I'm not even using "object-group" inside another "object-group.
I tend to do a simple "object-group" containing everything I need.
Of course the most obvious route would be to try some newer software, but who knows, maybe they could even produce another bug in turn
-Jouni
-
Group to be installed on the VPN Client
We run IOS 8.2 (2). We configure VPN groups to authenticate locally to the ASA. We have about 10 different groups (marketing, engineering, accounting, technical support, etc.) that I need the installation which is no problem. My problem is that I have to configure 10 different groups on the VPN client based on their user name. Is it possible to set up a generic group such as everyone on the VPN client and the users will no longer have access to resources based on their user name when they connect to the VPN client?
Please let me know if you have any questions or need additional information.
Thank you.
Laura
Hi Laura,
You can have all users that connect to the same group.
Then, individually on each user, create a VPN filter...
username test attributes
VPN-filter...
Federico.
-
Allow remote access to the VPN Cisco ASDM
Hello
I am trying to access asdm Setup for the user remote vpn. Our ASA running version 9.1 (1). ASDM is running version 7.1 (1) 52
I have apart from the interface within the interface enabled for vpn tunnel and I use 3rd interface (asdm_inf) dedicated to this purpose.
In the asdm, I enabled the management to asdm_inf interface. In the section ASDM, HTTPS, Telnet, SSH, I also add ASDM/HTTPS(port 444) for asdm_inf, ip_address 0.0.0.0 mask 0.0.0.0.
However, when I connect to the vpn client and try https://asdm_inf:444, the connection is broken with timeout.
Where could I go wrong? Any help would be appreciated.
Thank you
Hello
Well, split tunnel is incorrect, you are tunneling to 172.16.66.0/24, while your BFD which you want to manage the ASDM to is 192.168.244.0/24, so the ACL split tunnel should also 192.168.244.0/24 network.
-
I am trying to remove a price in pdf format, and a message appears "all or part of the selection has no available police." Cannot add or delete the current font using". I downloaded this font in my Adobe fonts, but still no luck.
How to update or download all the fonts in my Adobe Adobe Acrobat X Pro?
Get the police does not always help, but to use a font you don't add it to Acrobat. Add you on Mac or Windows.
-
Can I delete the VC server admin group? -Not the operating system.
HI, when installing the VC server,-VCenter creates the Admin group by default as the admin of the VC server. If after the installation can remove us that group from the VC Server? I don't think there should be a problem, but I want to be sure about this?
Thank you
Yes you can - but make sure that you have another user or a group defined as an administrator for your center of VC-
If you find this or any other answer useful please consider awarding points marking the answer correct or useful
-
ASA Anyconnect VPN do not work or download the VPN client
I have a Cisco ASA 5505 that I try to configure anyconnect VPN and thought, I've changed my setup several times but trying to access my static public IP address of the external IP address to download the image, I am not able to. Also when I do a package tracer I see he has been ignored through the acl when the packets from side to the ASA via port 443, it drops because of the ACL. My DMZ so will he look like something trying to access the ASA via the VPN's going to port 443. Here is my config
XXXX # sh run
: Saved
:
ASA Version 8.4 (3)
!
hostname XXXX
search for domain name
activate pFTzVNrKdD9x5rhT encrypted password
zPBAmb8krxlXh.CH encrypted passwd
names of
!
interface Ethernet0/0
Outside-interface description
switchport access vlan 20
!
interface Ethernet0/1
Uplink DMZ description
switchport access vlan 30
!
interface Ethernet0/2
switchport access vlan 10
!
interface Ethernet0/3
switchport access vlan 10
!
interface Ethernet0/4
Ganymede + ID description
switchport access vlan 10
switchport monitor Ethernet0/0
!
interface Ethernet0/5
switchport access vlan 10
!
interface Ethernet0/6
switchport access vlan 10
!
interface Ethernet0/7
Description Wireless_AP_Loft
switchport access vlan 10
!
interface Vlan10
nameif inside
security-level 100
IP 192.168.10.1 255.255.255.0
!
interface Vlan20
nameif outside
security-level 0
IP address x.x.x.249 255.255.255.248
!
Vlan30 interface
no interface before Vlan10
nameif dmz
security-level 50
IP 172.16.30.1 255.255.255.0
!
boot system Disk0: / asa843 - k8.bin
passive FTP mode
DNS lookup field inside
DNS domain-lookup outside
DNS domain-lookup dmz
DNS server-group DefaultDNS
Name-Server 8.8.8.8
Server name 8.8.4.4
search for domain name
network obj_any1 object
subnet 0.0.0.0 0.0.0.0
network of the Webserver_DMZ object
Home 172.16.30.8
network of the Mailserver_DMZ object
Home 172.16.30.7
the object DMZ network
172.16.30.0 subnet 255.255.255.0
network of the FTPserver_DMZ object
Home 172.16.30.9
network of the Public-IP-subnet object
subnet x.x.x.248 255.255.255.248
network of the FTPserver object
Home 172.16.30.8
network of the object inside
192.168.10.0 subnet 255.255.255.0
network of the VPN_SSL object
10.101.4.0 subnet 255.255.255.0
outside_in list extended access permit tcp any newspaper object Mailserver_DMZ eq www
outside_in list extended access permit tcp any newspaper EQ 587 Mailserver_DMZ object
outside_in list extended access permit tcp any newspaper SMTP object Mailserver_DMZ eq
outside_in list extended access permit tcp any newspaper of the Mailserver_DMZ eq pop3 object
outside_in list extended access permit tcp any newspaper EQ 2525 Mailserver_DMZ object
outside_in list extended access permit tcp any newspaper of the Mailserver_DMZ eq imap4 object
outside_in list extended access permit tcp any newspaper EQ 465 Mailserver_DMZ object
outside_in list extended access permit tcp any newspaper EQ 993 Mailserver_DMZ object
outside_in list extended access permit tcp any newspaper EQ 995 object Mailserver_DMZ
outside_in list extended access permit tcp any newspaper EQ 5901 Mailserver_DMZ object
outside_in list extended access permit tcp any newspaper Mailserver_DMZ eq https object
Note access list ACL for VPN Tunnel from Split vpn_SplitTunnel
vpn_SplitTunnel list standard access allowed 192.168.10.0 255.255.255.0
pager lines 24
Enable logging
timestamp of the record
exploitation forest-size of the buffer to 8192
logging trap warnings
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
MTU 1500 dmz
local pool VPN_SSL 10.101.4.1 - 10.101.4.4 255.255.255.0 IP mask
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 647.bin
don't allow no asdm history
ARP timeout 14400
NAT (inside, outside) static source inside inside static destination VPN_SSL VPN_SSL
NAT (exterior, Interior) static source VPN_SSL VPN_SSL
!
network obj_any1 object
NAT static interface (indoor, outdoor)
network of the Webserver_DMZ object
NAT (dmz, outside) static x.x.x.250
network of the Mailserver_DMZ object
NAT (dmz, outside) static x.x.x.. 251
the object DMZ network
NAT (dmz, outside) static interface
Access-group outside_in in external interface
Route outside 0.0.0.0 0.0.0.0 x.x.x.254 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
AAA-server protocol Ganymede HNIC +.
AAA-server host 192.168.10.2 HNIC (inside)
Timeout 60
key *.
identity of the user by default-domain LOCAL
Console HTTP authentication AAA HNIC
AAA console HNIC ssh authentication
Console AAA authentication telnet HNIC
AAA authentication secure-http-client
http 192.168.10.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ca trustpoint localtrust
registration auto
Configure CRL
Crypto ca trustpoint VPN_Articulate2day
registration auto
name of the object CN = vpn.articulate2day.com
sslvpnkey key pair
Configure CRL
Telnet 192.168.10.0 255.255.255.0 inside
Telnet timeout 30
SSH 192.168.10.0 255.255.255.0 inside
SSH timeout 15
SSH version 2
Console timeout 0
No vpn-addr-assign aaaDHCP-client update dns
dhcpd dns 8.8.8.8 8.8.4.4
dhcpd outside auto_config
!
dhcpd address 192.168.10.100 - 192.168.10.150 inside
dhcpd allow inside
!
dhcpd address dmz 172.16.30.20 - 172.16.30.23
dhcpd enable dmz
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
authenticate the NTP
NTP server 192.168.10.2
WebVPN
allow outside
AnyConnect image disk0:/anyconnect-linux-64-3.1.06079-k9.pkg 1
AnyConnect enable
tunnel-group-list activate
internal VPN_SSL group policy
VPN_SSL group policy attributes
value of server DNS 8.8.8.8
client ssl-VPN-tunnel-Protocol
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list vpn_SplitTunnel
the address value VPN_SSL pools
WebVPN
activate AnyConnect ssl dtls
AnyConnect Dungeon-Installer installed
AnyConnect ssl keepalive 15
AnyConnect ssl deflate compression
AnyConnect ask enable
ronmitch50 spn1SehCw8TvCzu7 encrypted password username
username ronmitch50 attributes
type of remote access service
type tunnel-group VPN_SSL_Clients remote access
attributes global-tunnel-group VPN_SSL_Clients
address VPN_SSL pool
Group Policy - by default-VPN_SSL
tunnel-group VPN_SSL_Clients webvpn-attributes
enable VPNSSL_GNS3 group-alias
type tunnel-group VPN_SSL remote access
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
inspect esmtp
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
call-home
Profile of CiscoTAC-1
no active account
http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address
email address of destination [email protected] / * /
destination-mode http transport
Subscribe to alert-group diagnosis
Subscribe to alert-group environment
Subscribe to alert-group monthly periodic inventory
monthly periodicals to subscribe to alert-group configuration
daily periodic subscribe to alert-group telemetry
Cryptochecksum:d41d8cd98f00b204e9800998ecf8427e
: endXXXX #.
You do not have this configuration:
object network DMZ nat (dmz,outside) static interface
Try and take (or delete):
object network DMZ nat (dmz,outside) dynamic interface
-
Original title: group policy
When I try to use the system restore, I get "system restore is disabled by group policy. How can I fix this problem?
Hi bluelilly,
1. is your computer connected to a domain?
2. don't you make changes before the show?This occurs if the Configuration policy to disable is enabled on your system, either by using Group Policy or through the registry editor. For stand-alone systems Windows Vista, follow these steps:
Step 1: Using the Group Policy Editor. If your edition of Windows Vista includes the Group Policy Editor (gpedit.msc) snap-in, follow these steps:
a. Click Start, type gpedit.msc and press ENTER.
b. go to the following branch: Computer Configuration | Administrative templates | System | System restore
c. double click on disable the Configuration and set it to not configured.
Note: If the above setting is already set to not configured, set it to "Enabled" and click on apply. Return back the setting to not configured, then click on apply, OK.
d. Quit Group Policy Editor.
e. restart the computer and check the difference.Step 2: Using the registry editor
a. Click Start, type regedit.exe and press ENTER
b. navigate to the following key: HKEY_LOCAL_MACHINE-Software-policies-Microsoft-Windows NT------SystemRestore
(c) in the right pane, delete the value named DisableConfig.
d. Quit Registry Editor.
e. restart the computer and check the difference.Very important: Modifying the registry incorrectly will cause serious damage to the computer. Back up the registry until you make changes.
See Registry backupIf your computer is connected to a domain, then we recommend that you post your query toTechnet Forums Windows Vista to improve the assistance.
Visit our Microsoft answers feedback Forum and let us know what you think.
-
How can I delete the Favorites menu in the menu drop down address bar in IE8?
How can I delete the Favorites menu in the menu drop down address bar in IE8?
Hello
Because you used the nickname 'DaddyJeff' do you need to remove the access of all to Favorites? Otherwise, please
describe in more detail what you need to do.I think that you should use the Parental control or group policies (GPedit if you have professional, company,
(or Ultimate).See this and the 'related links '.
How to install and use Parental controls in Vista
http://www.Vistax64.com/tutorials/95139-parental-controls-Setup-use.htmland these:
Setting up Windows Vista's Parental control
http://www.bleepingcomputer.com/tutorials/tutorial139.htmlSet up Parental controls
http://Windows.Microsoft.com/en-us/Windows-Vista/set-up-parental-controlsI hope this helps.
Rob - bicycle - Mark Twain said it is good.
Maybe you are looking for
-
Cayman Islands time incorrect use of the DST in iOS.
In the EPM iOS 9.2.1 look a moment for George Town, Cayman Islands in world clock time from March 13 incorrectly uses EDT inst, East. While the Cayman had been playing with the implementation of DST this year, the plan was abandoned. In the screensho
-
Internet connection fast but slow to load web pages
I have a relatively fast internet connection: speed download - 60.5 Mbps; Download Speed - 6 Mbps. I get the same results on my MacBook Pro running on the wifi and my iMac which is directly connected to the Ether. On the iMac, however, it is now hold
-
Bluetooth does work only 1-way?
I recently got an unlocked Moto phone g (4). I can transfer photos, .jpg, from the phone to my computer, but not from the computer to the phone? I get the following message: Bluetooth file transfer not completed. Windows was not able to transfer file
-
Not available for the administrator user
Administrator user is hidden (only the guest user is available) when I try to log in as an administrator of the laptop with Windows XP. Help please!
-
Hung up messages in Windows Live Mail
Hung up messages - how access and copy or remove them?It happens when I use Windows Live Mail. The me3ssage format is generated by the recipient mail address. The message is listed as not cross - I don't remember the error code, I can't access the me