Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Local user account management using Group Policy

Posted on 2008-06-26
2
612 Views
Last Modified: 2013-12-04
Hi Experts,

there is a problem I keep coming across on my network which I think stems from a fundamental misunderstanding of how group policy works with local user accounts.

Numerous software packages I install have failed to restart their appropriate services because the default user account they created at setup is removed or does not have the appropriate privileges in our AD domain.

I have read a lot of information on the internet but cannot find a decent explanation of local user account management with group policy.

Can anyone recommend a decent web site, whitepaper, tutorial or book which will help my understanding of this subject?

I've assigned 500 points to the question because I hope you'll be able to recommend lots of good resources and so I'll have to split the points!

Many thanks for all help offered

Andrew
0
Comment
Question by:Synergix
2 Comments
 
LVL 40

Accepted Solution

by:
coolsport00 earned 500 total points
ID: 21873815
Funny you ask this...there is a website (www.gpoguy.com) that you can inquire things and, most of all, get on a listserve, to answer these and various GP-related questions. This question came up just about a week ago. In my experience, and in my org, I have local accts set via GP. What I have in my policies overwrite the default. But, according to Jamie Nelson & Darren Mar-Elia (the "gpo guy"), there is a way to "add" users to the local acct.

This is what Darren wrote in his email reply to this question:
"There are two sides to Restricted Groups. If you open the dialog you see Members of this Group at the top and This group is a member of at the bottom. So, lets say you wanted to add the Help Desk Admins group to the local Administrators group on a set of workstations. You would right-click the Restricted Groups node, choose Add Group and enter in or browse Help Desk Admins. Then, in the This group is a member of dialog, you would add the local Administrators group and, voilá!"

While I have gained great knowledge from using this site, I completely recommend getting on that listserver from GPOGUY.COM as it is also amazing. Darren actually writes books for Microsoft on GPOs so you could say he knows his stuff. :)

Hope that helps you.
Regards.
~coolsport00
0
 

Author Comment

by:Synergix
ID: 21914887
Thanks a lot for the reply Coolsport. I've joined that mailing list and am finding it very useful. You'll see some questions from me in the near future I think!

All points are yours as no one else has bothered to reply!

Many thanks

Andrew
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question