Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cannot remove members from AD group.

Posted on 2010-11-24
6
Medium Priority
?
1,872 Views
1 Endorsement
Last Modified: 2012-08-13
Hi,

In my AD, I am trying to remove a user from the group. E.g. remove "userabc" from group "XYZ" but I got an error
"This is the member's primary group, so the member cannot be reomved. Go to the Member Of tab of the member's property sheet and set another group as primary. You can then remove the member from this group"

What is the implication if I set the primary group of "userabc" to another group?
1
Comment
Question by:Decarn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 3

Expert Comment

by:Patricck
ID: 34203393
A user must be in the group. First you need to assign a primary group for the user, and than you can remove.
0
 

Author Comment

by:Decarn
ID: 34203406
Hi Patricck,

I am trying to understand the impact/ implications if I were to assign the user to another primary group so that I can remove that user from that group. Any problems like permissions etc will be affected?
0
 
LVL 3

Expert Comment

by:Patricck
ID: 34203437
Yes, a group means also group permissions.
Examlple:
When a user is in the administrator group, and you will change his group to user group - it will change his rights - he will not have Admin rights anymore.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Decarn
ID: 34203840
Hi Patrick,

Correct me if I'm wrong:
Suppose "userA" is in group "groupABC" and "groupXYZ".
"groupABC" is his primary group.
I now set his primary group to "groupXYZ" and remove "userA" from "groupABC". So now he will no longer have access to files, folders and service for "groupABC".

What is the purpose of the primary group?
0
 
LVL 3

Accepted Solution

by:
Patricck earned 2000 total points
ID: 34203974
It should be like you say in the AD environment.

http://www.activedir.org/ListArchives/tabid/55/forumid/1/postid/39869/view/topic/Default.aspx

"IMHO the primary group (as found on users, security descriptors, etc.)
is of no special consequence for Windows, and is a vestige of POSIX
influences on early NT. But I would not begrudge anyone proving me
wrong. "
1
 

Author Closing Comment

by:Decarn
ID: 34244955
Thanks got it.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question