Disabling 1 User in AD Disables other users

I've never seen this before.  An employee left a company so we disabled his account.  The next day or so I get a call saying a different user else can't log in.  After some checking I find out that if I eneable the ex-employees account the current employee can log in with her account.  Once the old account is disabled, the current account is also disabled.  I've tried changing passwords on both accounts, but the problem persisists.  All servers are running Windows 2003 Standard, the domain is in native mode.  Any ideas?
LVL 1
Leverage IT ConsultingAsked:
Who is Participating?
 
Netman66Connect With a Mentor Commented:
Recreate the user's account - it seems this guy may have somehow tied his account to hers (SID spoofing?)  I wouldn't risk it.

Disable the ex-employees account, create a new one for the other user, log in to create the new profile then copy all the data (and Desktop contents) to the new profile.  DO NOT copy the entire profile contents - just the user's data.

Once that's working, delete the two suspect accounts.

0
 
Leverage IT ConsultingAuthor Commented:
I don't think the user who left knew enough to tie the accounts together on purpose.  I've gone ahead and deleted and recreated the account, it works fine now.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.