We help IT Professionals succeed at work.

Strange problems with domain security/ user account privelidges

plug1 asked
I have a customer with 3 servers (1 DC 2 member servers), they where it with the servu virus last year witch killed a 2nd DC at the time, this is currently offline. Since this users can log in and use the domain resources but there are lots of issues with access rights. A good example of this is if I log into either of the member servers as the domain admin I dont get local admin privelidges, another constant issue is if I try to push out backup exec remote agents no matter if I use the domain admin account or the local admin account for that server it always fails with access right issues? All 3 servers are running 2003 server R2 with SP2.

Thanks in advnace for any help.
Watch Question

Is the remaining server holding all the FSMO roles? If not you need to move these to the server check the MS Artice:


are the old servers still listed as DC's in AD, if so can you demote the DC from AD? If not use the procedures at the end of the following to remove the server out of AD


Check the Event logs - usually there will be something here that will point you to the problem


The remaining server has all the FMSO roles and I have already removed the old server from the AD.



OK I have rebuilt and repaired the DNS server which as sorted out the member servers ability to browse the AD when adding global groups to local groups which they couldnt do before (the domain wasnt even listed) bu the problem of domain admins not getting local admin rights is still there??? I havent rebooted the member servvers yet but I doubt that it will have an effect.

Any ideas people.
Well after rebuilding the dns server I removed and re-added the two offending servers to the domain and all is well.

Thanks for the help lol.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.