XIA Configuration

Audit User Rights Assignment Settings

Check your User Rights Assignment settings comply with security standards

Check your User Rights Assignment settings comply with security standards across all your Windows machines with XIA Configuration.

Use the built-in compliance benchmark to expose Windows machines that do not meet your security requirements.

Screenshot of the User Right Assignment compliance benchmark results in the XIA Configuration web interface
Screenshot of the User Right Assignment compliance benchmark results in the XIA Configuration web interface

XIA Configuration has a non-intrusive architecture with agentless data collection and PowerShell support.

User Rights Assignment in Group Policy

User Rights Assignment information can be viewed in Group Policy in the following section:

Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment

Group Policy editor showing User Rights Assignment
Group Policy editor showing User Rights Assignment

User Rights Assignment Audit and Documentation

If you're performing a security audit on your network, capturing information in this section of group policy is essential. XIA Configuration automates the retrieval of this data across all the Windows machines on your network.

Screenshot showing User Rights Assignment settings in the XIA Configuration web interface
Screenshot showing User Rights Assignment settings in the XIA Configuration web interface

Assess User Rights Assignment settings

Both the privileges and the user rights that have been assigned to user accounts are covered.

  • Display name - for example "Access to this computer from the network"
  • Internal right or privilege name - for example "SeNetworkLogonRight"
  • Configuration Source (Local / Group Policy)
  • Users and groups with this right assigned

View all the user rights retrieved by XIA Configuration below.

Show Details
  • Access Credential Manager as a trusted caller
  • Access this computer from the network
  • Act as part of the operating system
  • Add workstations to domain
  • Adjust memory quotas for a process
  • Allow log on locally
  • Allow log on through Remote Desktop Services
  • Back up files and directories
  • Bypass traverse checking
  • Change the system time
  • Change the time zone
  • Create a pagefile
  • Create a token object
  • Create global objects
  • Create permanent shared objects
  • Create symbolic links
  • Debug programs
  • Deny access to this computer from the network
  • Deny log on as a batch job
  • Deny log on as a service
  • Deny log on locally
  • Deny log on through Remote Desktop Services
  • Enable computer and user accounts to be trusted for delegation
  • Force shutdown from a remote system
  • Generate security audits
  • Impersonate a client after authentication
  • Increase a process working set
  • Increase scheduling priority
  • Load and unload device drivers
  • Lock pages in memory
  • Log on as a batch job
  • Log on as a service
  • Manage auditing and security log
  • Modify an object label
  • Modify firmware environment values
  • Obtain an impersonation token for another user in the same session
  • Perform volume maintenance tasks
  • Profile single process
  • Profile system performance
  • Remove computer from docking station
  • Replace a process-level token
  • Restore files and directories
  • Shut down the system
  • Synchronize directory service data
  • Take ownership of files or other objects
User Rights Assignment covers both the privileges and user rights that have been assigned to user accounts.

Privileges determine the type of system operations that a user account can perform whereas account rights determine the type of logon that a user account can perform - for example logon as a service.

To see all the Windows settings supported by XIA Configuration, navigate up to Windows.

Try auditing your user rights assignment settings for free