Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

AD Permissions not working on a workstation

Posted on 2007-11-29
6
Medium Priority
?
269 Views
Last Modified: 2013-12-23
I have a workstation that was using Windows 2000 connected to Server 2003 AD. I moved the documents and settings contents of the user to a new fresh install after the user was created on first login.  This new machine replaced the old which is off the network. Now the group policy permissions aren't working for a user IE User X in Group Y cannot read write to Share Z when Group Y has full access to the share. I tried logging in as an admin in safemode and renaming the user to _X then created a fresh user. And copied specific application data, outlook firefox etc, and documents and the problems appears to have come up again.  If the user logs into another machine they can get access to the share and if the another user with access to those shares logs into this machine they will get access.  Should i rename the NTUSER.DAT or some other file to reset the credentials?
0
Comment
Question by:knausscpa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 3

Assisted Solution

by:greymirror
greymirror earned 450 total points
ID: 20380225
If i have this problem i generally only copy their files across (My Documents and Desktop). I've tried copying application data and found that the microsoft settings don't handle it very well. Windows XP has a settings migration wizard to handle this, but i'm not sure if 2000 does.

NTUSER.dat needs to be specific to the computer or it will try and re-create it - don't copy it from another profile.
0
 
LVL 37

Accepted Solution

by:
bbao earned 1050 total points
ID: 20380790
you may try to

1. back up the all data of the problem user under C:\Documents and Settings\USERNAME (including its sub-folders)
2. delete the problem user's profile from Control Panel | System | User Profiles
3. ask the user log on again.
4. restore his/her data from the following folders (including its sub-folders) in the above backup.

C:\Documents and Settings\USERNAME\Desktop
C:\Documents and Settings\USERNAME\Favorites
C:\Documents and Settings\USERNAME\My Documents
C:\Documents and Settings\Administrator\SendTo (only if necessary)
C:\Documents and Settings\USERNAME\Start Menu (only if necessary)
C:\Documents and Settings\USERNAME\Templates (only if necessary)

5. if it is *really* necessary, restore his/her data from the following folders (probably NOT including its sub-folders) in the above backup

C:\Documents and Settings\USERNAME\Application Data
C:\Documents and Settings\USERNAME\Local Settings\Application Data

6. as greymirror mentioned above, do NOT copy NTUSER.DAT file. actually, you log on as the problem user, you cannot copy this file as it is being used.
7. restore other files, probably those on other user folders or in other partitions.

hope it helps,
bbao
0
 

Author Comment

by:knausscpa
ID: 20383125
I did almost exactly what BBAO said.  I will be going in again today and will give it another try and see.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 37

Expert Comment

by:bbao
ID: 20385521
3. ask the user log on again. additionally, test if the user can work well *without* his/her old data. if yes, do the next step to restore the data.
0
 

Author Comment

by:knausscpa
ID: 20386572
I figured it out the problem was that she used a different account for her exchange email.  Once i setup outlook with that exchange account it was taking those permissions and ignoring the permissions for the main user login. Once i added the exchange account to the same GP then it worked.
0
 
LVL 37

Expert Comment

by:bbao
ID: 20387110
> Once i setup outlook with that exchange account it was taking those permissions and ignoring the permissions for the main user login.

do you mean public folders' permissions?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question