troubleshooting Question

Local Administrators Group missing known Administrator account

Avatar of Sirius_Systems
Sirius_SystemsFlag for United States of America asked on
Windows XPActive DirectoryOS Security
9 Comments1 Solution2626 ViewsLast Modified:
I'm an MCP consultant, but I've just run into a new problem with a new client.  

In migrating older PCs running XP Pro previously joined to an OLD Win Server 2000 Active Directory Domain to a NEW Win Server 2003 AD Domain the Domain Administrator account was not added to the Local Administrators Group.  Therefore the only member of the critical Local Administrators group is the Local Administrator.  Unfortunately, because this is a new client that is a disorganized non-profit with a revolving door of employees and administrators, NO ONE knows the Local Administrator password.  I hoped it was the same as the OLD Domain Admin Password, but NOPE.  I of course tried manually adding the Domain Admin account to the Local Administrator group, but NO privs there either.

So the questions is, is there a way to force the Local Machine to accept the Domain Administrators Group as a member of the Local Admin?  I looked at Group Policy to see if there might be something, but I couldn't find it.

Is the only resolution a total reinstall of the OS?  I'm beginning to think so, but I hope there's an expert out there with some experience to this.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 9 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros