jdana
asked on
Local Access Denied to Domain Admin
I ran a fresh Windows XP SP2 installation on a workstation. During the install, I create a local account with an accompanying profile named MyLocalAccount. I placed MyLocalAccount in the local Administrators group. I then added the workstation to the domain. I logged in to the workstation using my domain admin account, MyDomainAdminAccount. I then attempted to open the profile associated with MyLocalAccount and I get an "Access is denied" message. I don't get it. I'm in the Domain Admins group, and I double-checked that the Domain Admins is in the local Administrators account. Obviously, I can access the contents of the profile by logging in with MyLocalAccount, but I want to understand why MyDomainAdminAccount can't access the profile.
ASKER
What does ACL stand for? I'm simply using Windows Explorer.
I poked around a little after I posted the question. Turns out that the local Administrators group had no permissions on the MyLocalAccount profile folder. This seems bizarre. Shouldn't the local Administrators group have full permissions to all profile folders by default?
I poked around a little after I posted the question. Turns out that the local Administrators group had no permissions on the MyLocalAccount profile folder. This seems bizarre. Shouldn't the local Administrators group have full permissions to all profile folders by default?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
if you have admin rights on pc then you can take ownership of whatever you dont have rights to then give yourself rights to it....
We are having the same problem on our new file server. Can someone please tell me where this policy setting is?
Unlikely but it spring to mind so I'll throw it out there -- is the profile folder encrypted?
How are trying to access the profile folder ... using what interface?