Solved

Domain user account not retained on local PC

Posted on 2003-12-04
8
418 Views
Last Modified: 2012-05-04
Greetings experts,
I have a user on my domain, I will call jdoe.  Now jdoe has an account set up on the domain controller in active directory.  The account is enabled, not locked and accessible from any PC on our network.  This AM the user attempted to logon as normal w/ jdoe a password and set to logon to the domain not the local computer.  When the desktop screen appeared, the default windows screen appears, you know the one that appears when any new user logs on and wants to give you the guided tour of windows.  All of the user jdoe's settings are gone.  Now my first thought was that they were deleted by another user.  But I did a few tests on other PCs.  I can log on as jdoe on any of my PCs and get new settings for that local pc.  When I log out the settings are not retained.  We are not using roaming profiles.  This seems to be the only user affected.  No domain policy settings have been change that would cause this action.  I have determined that it is isolated to the user account not a specific PC.  The domain controller is W2K server and the PC is W2K pro.  Really the only thing that matters is getting the email back.  As far as I know nothing has been changed on the network/pc.  I am the systems admin, so I have not made any changes, that does not mean that a employee has not hacked the system and is playing around.  Thanks in advance.
0
Comment
Question by:EaglePress
8 Comments
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9875439
Is the old profile in the D&S folder?
If so, create a local account and copy the details to that profile to see if you can resue anything.

Make sure that in gpedit.msc that delete locally cached profiles isn't enabled.
0
 

Author Comment

by:EaglePress
ID: 9875527
No the old profile folder is not in the documents and setting directory.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9876475
SO you can logon as the user, log off and back on as yourself, and there is no account folder for the user in the D&S folder?

If so, check to ensure the user isn't using a mandatory roaming profile. I know, you said you aren't using them, but if there is one set, could be the cause. A fresh profile would be sent each and everytime, and it would be a new profile, and no settings saved. Fits the criteria for the problem.
As Stoner79 suggested, it could also be a GPO, though you should know about it as the sysadmin, your fear that the admin account compromised is POSSIBLE. Check for GPO links and permissions set only to that user with read and apply set to enabled.
Good Luck!
0
 

Author Comment

by:EaglePress
ID: 9876976
The user is not using a mandatory roaming profile.  There is nothing unique about this user to the other 100 users already setup in active directory.  I checked the GPO, nothing out of the ordinary there either.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 6

Expert Comment

by:Casca1
ID: 9877199
Not to beat a dead horse, your sure you checked for all GPO's?
The only reason I ask is with OU's and what not, it is easy to overlook one.

And, sorry, but I am still wondering about the test. You can logon as user, logoff and back in as self and no profile is stored?
I'm sure you answered but I want to fix that as a reference.

If yes, then most likely, given the answers you have already given, I would have to guess a corrupted record for the user. Having never seen that you can guess the incredulity... 8-)
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9877203
Is that a word? Incredulousness? Whatever!
0
 

Accepted Solution

by:
jhawleyjr earned 250 total points
ID: 9877351
I had this situation occur a couple weeks ago.  Check the user account in the AD (properties).  Then view the MEMBER OF tab.  Make sure the user jdoe is not a member of the GUEST or DOMAIN GUEST.  No matter what other groups the user is a member of the most restrictive group policy will override any other policy.  The guest account, by default, does not retain any setting, whether login to the domain or a local pc.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9878576
Well, I'll be. Never thought of that. 8-)
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Moving applications to the cloud or switching services to cloud-based ones, is a stressful job.  Here's how you can make it easier.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video discusses moving either the default database or any database to a new volume.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now