Client XP users are being deleted or removed from User Accounts on a Network
Posted on 2007-10-11
Issue: XP users are being removed from the User Accounts.
Windows XP SP2 client workstations on a corporate LAN, Group Policy being pushed out from from the WAN.
Software that gets updated:
MS Office 2003
A few weeks ago, users (normally Administator accounts) were being removed from the Administrator group on the local workstation. Upon checking Active Directory to ensure that they were in their proper containers, i.e., User Accounts and Workstation Accounts, they were verified. They were re-added into the Administrator group. The next day, the user was again, deleted/removed from the User Accounts. Note: the user profile is still on the machine and the user still has fairly good use of the workstation (minus annoying bits and pieces). Added the user again and this time ran GPUPDATE /FORCE and the user was immediately removed.
This is occurring on both desktop and laptop users. I had thought it might have something to do with the image I was using, but this morning I checked my computer (a totally different image) and I was removed as an administrator - note: I still have admin perms as do the users that have been removed from the user accounts.
Finally, some of the Power Users, who are also members of several other groups, were removed from all of their placed groups. Not all, some.
The virus checking/elimination in the network by corporate has always been amazing, myself being called 2 times in 4 years by corporate immediately when something came up on a single machine.
Does anyone have any idea what might be causing this or ever seen anything like this before?