Solved

AD Permissions not working on a workstation

Posted on 2007-11-29
6
256 Views
Last Modified: 2013-12-23
I have a workstation that was using Windows 2000 connected to Server 2003 AD. I moved the documents and settings contents of the user to a new fresh install after the user was created on first login.  This new machine replaced the old which is off the network. Now the group policy permissions aren't working for a user IE User X in Group Y cannot read write to Share Z when Group Y has full access to the share. I tried logging in as an admin in safemode and renaming the user to _X then created a fresh user. And copied specific application data, outlook firefox etc, and documents and the problems appears to have come up again.  If the user logs into another machine they can get access to the share and if the another user with access to those shares logs into this machine they will get access.  Should i rename the NTUSER.DAT or some other file to reset the credentials?
0
Comment
Question by:knausscpa
  • 3
  • 2
6 Comments
 
LVL 3

Assisted Solution

by:greymirror
greymirror earned 150 total points
ID: 20380225
If i have this problem i generally only copy their files across (My Documents and Desktop). I've tried copying application data and found that the microsoft settings don't handle it very well. Windows XP has a settings migration wizard to handle this, but i'm not sure if 2000 does.

NTUSER.dat needs to be specific to the computer or it will try and re-create it - don't copy it from another profile.
0
 
LVL 37

Accepted Solution

by:
bbao earned 350 total points
ID: 20380790
you may try to

1. back up the all data of the problem user under C:\Documents and Settings\USERNAME (including its sub-folders)
2. delete the problem user's profile from Control Panel | System | User Profiles
3. ask the user log on again.
4. restore his/her data from the following folders (including its sub-folders) in the above backup.

C:\Documents and Settings\USERNAME\Desktop
C:\Documents and Settings\USERNAME\Favorites
C:\Documents and Settings\USERNAME\My Documents
C:\Documents and Settings\Administrator\SendTo (only if necessary)
C:\Documents and Settings\USERNAME\Start Menu (only if necessary)
C:\Documents and Settings\USERNAME\Templates (only if necessary)

5. if it is *really* necessary, restore his/her data from the following folders (probably NOT including its sub-folders) in the above backup

C:\Documents and Settings\USERNAME\Application Data
C:\Documents and Settings\USERNAME\Local Settings\Application Data

6. as greymirror mentioned above, do NOT copy NTUSER.DAT file. actually, you log on as the problem user, you cannot copy this file as it is being used.
7. restore other files, probably those on other user folders or in other partitions.

hope it helps,
bbao
0
 

Author Comment

by:knausscpa
ID: 20383125
I did almost exactly what BBAO said.  I will be going in again today and will give it another try and see.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 37

Expert Comment

by:bbao
ID: 20385521
3. ask the user log on again. additionally, test if the user can work well *without* his/her old data. if yes, do the next step to restore the data.
0
 

Author Comment

by:knausscpa
ID: 20386572
I figured it out the problem was that she used a different account for her exchange email.  Once i setup outlook with that exchange account it was taking those permissions and ignoring the permissions for the main user login. Once i added the exchange account to the same GP then it worked.
0
 
LVL 37

Expert Comment

by:bbao
ID: 20387110
> Once i setup outlook with that exchange account it was taking those permissions and ignoring the permissions for the main user login.

do you mean public folders' permissions?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question