Domain user is being dropped out of the local admin group on a WIN2K3 Server after a few hours.

Our development guy has a test server that is on the network, he needs to be in the local admins group to do his debugging. I add him to the local admins group on the machine and the account is missing hours later. The admin group contains other domain accounts, but they all happen to be domain groups. None of these are being dropped. Any ideas?
AmsurgISAsked:
Who is Participating?
 
oBdAConnect With a Mentor Commented:
Open a command window, and run
gpresult /scope computer /v >gpresult.txt
Then open gpresult.txt in notepad and check the "Restricted Groups" section; this is basically the only possibility for accounts to disappear from local groups.

0
 
oBdACommented:
That's probably a group policy "Restricted Groups" being applied to this machine. You need to change this policy, or (if possible) add the development guy to one of the groups that has local admin permissions.
0
 
AmsurgISAuthor Commented:
Would this be a local policy?
0
 
oBdACommented:
No, that's a domain policy; "Restricted Groups" aren't available as local policies (wouldn't make too much sense).
0
 
AmsurgISAuthor Commented:
True, but I don't see that policy as being in affect.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.