Solved

unaccidentally delete administrator right!!

Posted on 2004-04-30
13
366 Views
Last Modified: 2010-04-13
Dear all,

       I'm newbie in win2000 server. I've one windows 2000 server where it store 40 users in AD Users & Computers. When we want to see security of the user - we'll right click properties --> Security Tab.... but i accidentally delete the administrator under security tab, How do i restore back?? because after i remove the administrator, i can't reset the password for that particular users. I need to reset this at server end.
Pls advice.

Thank you.
0
Comment
Question by:MeteorGarden
13 Comments
 
LVL 7

Expert Comment

by:corneliup
Comment Utility
Jus right click > properties > security add the administrator account.
Maybe the administrator has no rights but he can give himself those rights
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Go to the parent folder and take ownership as the admin applying all changes to the folders below:

To take ownership of a folder:
   Right-click the folder you want to take ownership of, and then click Properties.
   Click the Security tab, and then click OK on the Security message (if one appears).
   Click Advanced, and then click the Owner tab.
   In the Name list, click your user name, Administrator if you are logged in as Administrator, or click the
   Administrators group. If you want to take ownership of the contents of that folder, click to select the Replace
   owner on subcontainers and objects check box.
   Click OK. The following message appears, where folder name is the name of the folder that you want to take ownership of:
   You do not have permission to read the contents of directory folder name. Do you want to replace the directory permissions
   with permissions granting you Full Control?

   All permissions will be replaced if you press Yes.

   Click Yes.
   Click OK, and then reapply the permissions and security settings that you want for the folder and its contents.
   
How to Take Ownership of a File
  NOTE: You must be logged on to the computer using an account that has administrative privileges.

  To take ownership of a file, follow these steps:
  Right-click the file you want to take ownership of, and then click Properties.
  Click the Security tab, and then click OK on the Security message (if one appears).
  Click Advanced, and then click the Owner tab.
  In the Name list click Administrator, or click the Administrators group, and then click OK.

  The Administrator or Administrators group now owns the file. To change the permissions on the files and folders under
  this folder, continue to step 5.
  Click Add.
  In the Enter the object names to select (examples) list, type the user or group account to which you want to give access
  to the file. For example, Administrator.
  Click OK.
  In the Group or user names list, click the account that you want (for example, Administrator), and then click to select
  the check boxes of the permissions that you want to assign that user. For example, Full Control [Allow]. When you are
  finished assigning permissions, click OK.

ref: http://support.microsoft.com/?kbid=308421
0
 

Author Comment

by:MeteorGarden
Comment Utility
Thanks for all the advice, i follow your step but can't get through.
Actually this is not the take the ownership of the folder.
When i open administrative tools -->Active Directory Users & Computers , Right click Users--> Security...It prompt me "you only have permission to view current security info on users". I've done something wrong where i delete all the of administrator right under all of the user folder in AD Users & Computer.
My question will be How do i add in the administrator rights for me to edit/change permission to all of the users under USERS folder in AD Users & computer.

Pls help.
thank you.
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Start->Run->%systemroot%
Right-click the Security folder located there and choose properties.
Make sure that your administrator account has full control on the security tab found there...
0
 

Author Comment

by:MeteorGarden
Comment Utility
sirbounty, i'm not able to troubleshoot right now...i'll check when i'm in office. Our timezone too much different...anywhere i give you more info.......under my AD users & computer, got my server.com,we've builtin, computers,domain controllers, users,...etc....., where under my Users have around 40 of Users & Groups. I mis-configuration some of the Users & Groups security tab, i removed the administrator(default security), all i need is restore all of the administrator right under every Users/Group security tab without giving the administrator right to the normal domain users.
Thank you.
0
 

Author Comment

by:MeteorGarden
Comment Utility
Yes, my administrator account has full control on security tab...on %systemroot%-->security folder.

I still getting the error msg when i try to view my user properties in AD Users & Computer, "You only have permission to view the current security information on XXX user".
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:MeteorGarden
Comment Utility
Do you think that it's a good idea to restore system state???

http://support.microsoft.com/default.aspx?scid=kb;en-us;241594&sd=tech
0
 

Author Comment

by:MeteorGarden
Comment Utility
Although i'm using administrator login, and my administrator login is in administrator group, i'm not able to recreate again in user security tab.
0
 

Author Comment

by:MeteorGarden
Comment Utility
I solved the problem by delegate control in domain level to my user account & i able to add back the administrator right to all of the user account in the domain. TQ.
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Glad you got it sorted.
See here http:help.jsp#hs5 for how to obtain a refund...
0
 

Author Comment

by:MeteorGarden
Comment Utility
Thank you, Sirbounty, i'll get a refund & thank for your advice.
0
 

Accepted Solution

by:
modulo earned 0 total points
Comment Utility
Closed, 100 points refunded.

modulo
Community Support Moderator
Experts Exchange
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now