how to disable 'protected' group

Posted on 2010-09-08
Medium Priority
Last Modified: 2012-05-10
Within our AD sctructure, I've discovered that a security group named "company employees" has been protected. Get-ADGroup -LDAPFilter "(objectcategory=group)(admincount=1)" proved this to be true.

This is preventing our help desk from changing passwords. I understand this isn't desired by any means. I'm just trying to fix it. How can I un-protect this group?
Question by:rareguy
  • 2
  • 2
LVL 57

Accepted Solution

Mike Kline earned 2000 total points
ID: 33630722
You can set admincount back to 0 using adsiedit

This is all because of adminsdholder and the DS team had a good entry on it


They linked to Michael Smith's blog which is also worth reading.



Author Comment

ID: 33630840
Thanks, giving that a try

Author Comment

ID: 33631017
That worked, Thanks!
LVL 57

Expert Comment

by:Mike Kline
ID: 33631404
Excellent, good work to make the change

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question