Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

AD Permissions not working on a workstation

Posted on 2007-11-29
6
255 Views
Last Modified: 2013-12-23
I have a workstation that was using Windows 2000 connected to Server 2003 AD. I moved the documents and settings contents of the user to a new fresh install after the user was created on first login.  This new machine replaced the old which is off the network. Now the group policy permissions aren't working for a user IE User X in Group Y cannot read write to Share Z when Group Y has full access to the share. I tried logging in as an admin in safemode and renaming the user to _X then created a fresh user. And copied specific application data, outlook firefox etc, and documents and the problems appears to have come up again.  If the user logs into another machine they can get access to the share and if the another user with access to those shares logs into this machine they will get access.  Should i rename the NTUSER.DAT or some other file to reset the credentials?
0
Comment
Question by:knausscpa
  • 3
  • 2
6 Comments
 
LVL 3

Assisted Solution

by:greymirror
greymirror earned 150 total points
ID: 20380225
If i have this problem i generally only copy their files across (My Documents and Desktop). I've tried copying application data and found that the microsoft settings don't handle it very well. Windows XP has a settings migration wizard to handle this, but i'm not sure if 2000 does.

NTUSER.dat needs to be specific to the computer or it will try and re-create it - don't copy it from another profile.
0
 
LVL 37

Accepted Solution

by:
bbao earned 350 total points
ID: 20380790
you may try to

1. back up the all data of the problem user under C:\Documents and Settings\USERNAME (including its sub-folders)
2. delete the problem user's profile from Control Panel | System | User Profiles
3. ask the user log on again.
4. restore his/her data from the following folders (including its sub-folders) in the above backup.

C:\Documents and Settings\USERNAME\Desktop
C:\Documents and Settings\USERNAME\Favorites
C:\Documents and Settings\USERNAME\My Documents
C:\Documents and Settings\Administrator\SendTo (only if necessary)
C:\Documents and Settings\USERNAME\Start Menu (only if necessary)
C:\Documents and Settings\USERNAME\Templates (only if necessary)

5. if it is *really* necessary, restore his/her data from the following folders (probably NOT including its sub-folders) in the above backup

C:\Documents and Settings\USERNAME\Application Data
C:\Documents and Settings\USERNAME\Local Settings\Application Data

6. as greymirror mentioned above, do NOT copy NTUSER.DAT file. actually, you log on as the problem user, you cannot copy this file as it is being used.
7. restore other files, probably those on other user folders or in other partitions.

hope it helps,
bbao
0
 

Author Comment

by:knausscpa
ID: 20383125
I did almost exactly what BBAO said.  I will be going in again today and will give it another try and see.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 37

Expert Comment

by:bbao
ID: 20385521
3. ask the user log on again. additionally, test if the user can work well *without* his/her old data. if yes, do the next step to restore the data.
0
 

Author Comment

by:knausscpa
ID: 20386572
I figured it out the problem was that she used a different account for her exchange email.  Once i setup outlook with that exchange account it was taking those permissions and ignoring the permissions for the main user login. Once i added the exchange account to the same GP then it worked.
0
 
LVL 37

Expert Comment

by:bbao
ID: 20387110
> Once i setup outlook with that exchange account it was taking those permissions and ignoring the permissions for the main user login.

do you mean public folders' permissions?
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
server DNS address could not be found 22 251
Error login w2012 domain 6 98
Setting up a VPN 60 181
Set TTL for a single entry in Server 2016 DNS zone file 2 14
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question