Solved

restricted groups not working

Posted on 2010-08-23
5
753 Views
Last Modified: 2013-12-04
Hi,
Windows 2003 DC with XP computers.
We've added users that we need to give Local admin rights to XP computers.  We added them to the GPO and linked it to the OU's where the computers reside.   They're being applied to the computer configuration.
We see the GPO present in the computer configuration properties of rsop.msc, but still don't seen them applied (we don't see the users in the administrators group).    
Any suggestions?  
0
Comment
Question by:seven45
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 125 total points
ID: 33502694
Can you take a screenshot of the GPO (if you can)   Sounds like you did everything right.  Florian also has a really good entry
http://www.frickelsoft.net/blog/?p=13
Any errors in the event logs on the machines telling you that the GPO didn't apply?
Thanks
Mike
0
 
LVL 16

Assisted Solution

by:Ady Foot
Ady Foot earned 125 total points
ID: 33502700
Hi,

Sounds like you've configured this properly but just to be sure, please check through the following guide:
http://www.windowsecurity.com/articles/Using-Restricted-Groups.html

Once confirmed please let me know.  It's probably a nesting issue if the instructions above don't help.

Regards,

Ady
0
 

Author Comment

by:seven45
ID: 33641685
What port do the GPO's use?
Using rsop.msc, I do see the gpo being applied, but i dont see the group added into the Local users and groups of the Local computer.  
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33641782
ports are listed within this document  http://support.microsoft.com/kb/832017
 
0
 

Author Closing Comment

by:seven45
ID: 33789949
Although my problem isn't completely solved, I don't have access to the client for another month---I'll test the above, and if it still presents itself as an issue, I'll create a new question.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question