dpsys
asked on
Domain Admins not automatically added to the Builtin Admins group on member servers
I have a three-node test network that has one AD server and two other servers (all installed with Windows Server 2008 Enterprise Edition). My problem is that when the non-AD servers are added to the domain the Domain Admins group is not automatically added to the Builtin Administrators group on the new member servers. I could be wrong, but I was under the impression that any time a computer is added to a domain that the new member computer would automatically have the Domain Admins group added to the Builtin Administrators group.
ASKER
I don't think so because the servers are all installed using a template which I created from scratch with a Server 2008 Ent ISO.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'm already on it, but at this rate (meetings, etc.) it may take until Monday to get it done. I will post the results as soon as I can. Thanks for the comments.
Use RSOP.msc and verify if there's any GPO configuring restricted groups.
ASKER
The problem was with the VM Template. It looks like the DC and the two member servers had all the same SIDs due to using the same template for all three VMs. When I added a new machine (not from a template) to the domain, it worked fine. I just recreated the template using a sysprep file and it's working fine now. Thanks for the input guys.
Nice work creating the new template.
Thanks
Mike
Thanks
Mike
Thanks
Mike