[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 331
  • Last Modified:

Domain user is being dropped out of the local admin group on a WIN2K3 Server after a few hours.

Our development guy has a test server that is on the network, he needs to be in the local admins group to do his debugging. I add him to the local admins group on the machine and the account is missing hours later. The admin group contains other domain accounts, but they all happen to be domain groups. None of these are being dropped. Any ideas?
0
AmsurgIS
Asked:
AmsurgIS
  • 3
  • 2
1 Solution
 
oBdACommented:
That's probably a group policy "Restricted Groups" being applied to this machine. You need to change this policy, or (if possible) add the development guy to one of the groups that has local admin permissions.
0
 
AmsurgISAuthor Commented:
Would this be a local policy?
0
 
oBdACommented:
No, that's a domain policy; "Restricted Groups" aren't available as local policies (wouldn't make too much sense).
0
 
AmsurgISAuthor Commented:
True, but I don't see that policy as being in affect.
0
 
oBdACommented:
Open a command window, and run
gpresult /scope computer /v >gpresult.txt
Then open gpresult.txt in notepad and check the "Restricted Groups" section; this is basically the only possibility for accounts to disappear from local groups.

0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now