Solved

Domain user account not retained on local PC

Posted on 2003-12-04
8
423 Views
Last Modified: 2012-05-04
Greetings experts,
I have a user on my domain, I will call jdoe.  Now jdoe has an account set up on the domain controller in active directory.  The account is enabled, not locked and accessible from any PC on our network.  This AM the user attempted to logon as normal w/ jdoe a password and set to logon to the domain not the local computer.  When the desktop screen appeared, the default windows screen appears, you know the one that appears when any new user logs on and wants to give you the guided tour of windows.  All of the user jdoe's settings are gone.  Now my first thought was that they were deleted by another user.  But I did a few tests on other PCs.  I can log on as jdoe on any of my PCs and get new settings for that local pc.  When I log out the settings are not retained.  We are not using roaming profiles.  This seems to be the only user affected.  No domain policy settings have been change that would cause this action.  I have determined that it is isolated to the user account not a specific PC.  The domain controller is W2K server and the PC is W2K pro.  Really the only thing that matters is getting the email back.  As far as I know nothing has been changed on the network/pc.  I am the systems admin, so I have not made any changes, that does not mean that a employee has not hacked the system and is playing around.  Thanks in advance.
0
Comment
Question by:EaglePress
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9875439
Is the old profile in the D&S folder?
If so, create a local account and copy the details to that profile to see if you can resue anything.

Make sure that in gpedit.msc that delete locally cached profiles isn't enabled.
0
 

Author Comment

by:EaglePress
ID: 9875527
No the old profile folder is not in the documents and setting directory.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9876475
SO you can logon as the user, log off and back on as yourself, and there is no account folder for the user in the D&S folder?

If so, check to ensure the user isn't using a mandatory roaming profile. I know, you said you aren't using them, but if there is one set, could be the cause. A fresh profile would be sent each and everytime, and it would be a new profile, and no settings saved. Fits the criteria for the problem.
As Stoner79 suggested, it could also be a GPO, though you should know about it as the sysadmin, your fear that the admin account compromised is POSSIBLE. Check for GPO links and permissions set only to that user with read and apply set to enabled.
Good Luck!
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:EaglePress
ID: 9876976
The user is not using a mandatory roaming profile.  There is nothing unique about this user to the other 100 users already setup in active directory.  I checked the GPO, nothing out of the ordinary there either.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9877199
Not to beat a dead horse, your sure you checked for all GPO's?
The only reason I ask is with OU's and what not, it is easy to overlook one.

And, sorry, but I am still wondering about the test. You can logon as user, logoff and back in as self and no profile is stored?
I'm sure you answered but I want to fix that as a reference.

If yes, then most likely, given the answers you have already given, I would have to guess a corrupted record for the user. Having never seen that you can guess the incredulity... 8-)
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9877203
Is that a word? Incredulousness? Whatever!
0
 

Accepted Solution

by:
jhawleyjr earned 250 total points
ID: 9877351
I had this situation occur a couple weeks ago.  Check the user account in the AD (properties).  Then view the MEMBER OF tab.  Make sure the user jdoe is not a member of the GUEST or DOMAIN GUEST.  No matter what other groups the user is a member of the most restrictive group policy will override any other policy.  The guest account, by default, does not retain any setting, whether login to the domain or a local pc.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9878576
Well, I'll be. Never thought of that. 8-)
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This post contains step-by-step instructions for setting up alerting in Percona Monitoring and Management (PMM) using Grafana.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question