Solved

how to disable 'protected' group

Posted on 2010-09-08
4
319 Views
Last Modified: 2012-05-10
Within our AD sctructure, I've discovered that a security group named "company employees" has been protected. Get-ADGroup -LDAPFilter "(objectcategory=group)(admincount=1)" proved this to be true.

This is preventing our help desk from changing passwords. I understand this isn't desired by any means. I'm just trying to fix it. How can I un-protect this group?
0
Comment
Question by:rareguy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 33630722
You can set admincount back to 0 using adsiedit

This is all because of adminsdholder and the DS team had a good entry on it

http://blogs.technet.com/b/askds/archive/2009/05/07/five-common-questions-about-adminsdholder-and-sdprop.aspx

They linked to Michael Smith's blog which is also worth reading.

Thanks

Mike
0
 

Author Comment

by:rareguy
ID: 33630840
Thanks, giving that a try
0
 

Author Comment

by:rareguy
ID: 33631017
That worked, Thanks!
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33631404
Excellent, good work to make the change
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question