Solved

Domain user is being dropped out of the local admin group on a WIN2K3 Server after a few hours.

Posted on 2006-07-12
5
323 Views
Last Modified: 2010-05-18
Our development guy has a test server that is on the network, he needs to be in the local admins group to do his debugging. I add him to the local admins group on the machine and the account is missing hours later. The admin group contains other domain accounts, but they all happen to be domain groups. None of these are being dropped. Any ideas?
0
Comment
Question by:AmsurgIS
  • 3
  • 2
5 Comments
 
LVL 83

Expert Comment

by:oBdA
ID: 17091159
That's probably a group policy "Restricted Groups" being applied to this machine. You need to change this policy, or (if possible) add the development guy to one of the groups that has local admin permissions.
0
 

Author Comment

by:AmsurgIS
ID: 17091372
Would this be a local policy?
0
 
LVL 83

Expert Comment

by:oBdA
ID: 17091470
No, that's a domain policy; "Restricted Groups" aren't available as local policies (wouldn't make too much sense).
0
 

Author Comment

by:AmsurgIS
ID: 17091766
True, but I don't see that policy as being in affect.
0
 
LVL 83

Accepted Solution

by:
oBdA earned 250 total points
ID: 17091950
Open a command window, and run
gpresult /scope computer /v >gpresult.txt
Then open gpresult.txt in notepad and check the "Restricted Groups" section; this is basically the only possibility for accounts to disappear from local groups.

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
A short film showing how OnPage and Connectwise integration works.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now