Solved

Domain Admin Members have limited Domain admin permissions

Posted on 2006-11-20
4
214 Views
Last Modified: 2010-04-18
I recently inherited a network.  My account is a member of Domain Admins and Domain Admins are a member of the local administrator's group on each machine.  However, our permissions are limited.  For example, I tried to launch Device Manager as myself (a member of Domain Admins) on a local and was told I do not have the privilige.  I had to log in as the Domain Administrator Account.  There are three Group Policies on the network that I haven't been able to go through yet, but I was hoping you might point me in the right direction.
0
Comment
Question by:scubaed69
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17981356
Use GPMC or gpresult to find out which policies are in effect. There might be domain wide policy which prohibits  access to Control Panel. If you have only three policies defined you won't have to much work to review settings.

You are looking for User Configuration policy in Control Panel.
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 500 total points
ID: 17982849
just move your user out of the range of any policy and try again, quick way to see if its a policy or not
0
 

Author Comment

by:scubaed69
ID: 17984447
I couldn't find the policy blocking me.  Everything I checked said not configured.  So, I created a new OU, blocked inheritance to it and placed the neccesary accounts in the OU. This seems to have solved the issue.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17984470
it was most probably the default domain policy that has some settings in it
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question