Solved

Problem with Joining Domain

Posted on 2008-10-16
7
224 Views
Last Modified: 2013-12-04
We have a network where a user without Administrative privleges is able to join computers that he reformats on the domian. We don't know how he is doing it and need to prevent him from doing this and also need to know how he is doing this before we contact the managment. Besideds Administrator's privilages what other methods are there? Also is there anything on windows Event Logs that we can be looking for? We also noticed that his newly rebuilded computer has port 2002 open on it.
0
Comment
Question by:mavrukin
  • 3
  • 2
  • 2
7 Comments
 
LVL 6

Accepted Solution

by:
mirzas earned 500 total points
ID: 22732283
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22732305
In ADUC check his account properties and hit the member of tab, what security groups is he a member of?  You can start there...Account Operator privledges and Allow join computers to domain are other options that would allow that user to join computers to the domain...
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22732324
But that is limited to only ten, it sounds like he has passed that limit?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 6

Expert Comment

by:mirzas
ID: 22732356
Then just set it to zero.
0
 
LVL 6

Expert Comment

by:mirzas
ID: 22732365
The limit is 10 different hostnames not ten times the same hostname.
0
 
LVL 1

Author Comment

by:mavrukin
ID: 22748971
HI, thank you for the responses. No he has not passed this limit. We need to lock his account to the way it was before. In ADUC he is not a member of anything. However ms-ds-machineaccountquota has been altered. How do we change it back to Not Set? Right now he has a long binary code. Even if you switch it to decimal it still shows about 30 groups of 3 digit numbers.
0
 
LVL 1

Author Comment

by:mavrukin
ID: 22750062
Sorry, I meant ms-DS-CreatorSID has been altered.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question