A user has been a domain admin when he should not have been, and just removing the permissions is not enough.
I am trying to recreate a user account so here is the process that I have been following.
1: I removed the exchange attributes so I can keep the mailbox
2: I made a note of the profile location and group memberships from the active directory
3: I deleted the user account in active directory
4: I recreated the users account without creating a mailbox
5: I reconnected the mailbox to the user account
6: I placed the profile paths back into the account along with the user group memberships.
7: I tried to log in.
The error comes when I try to log into that computer. "A profile could not be loaded and a local profile will be used, access is denied."
We use roaming profiles and I need to reconnect the profile to the user account for all of his setting and information
So my questions are how do I re-attach the profile?
Do I have to recreate the profile also?
I know how but I would rather not have to re-create the profile.