Solved

User setup

Posted on 2011-02-15
19
344 Views
Last Modified: 2012-05-11
I add a user into my Active Directory. Make the settings in "Properties" the same as every other user in the AD. When the user goes and logs into her workstation she is not able to run the application that we are running on the network. She need to have Administrator access on the workstation to be able to run the app. What have I not done to allow the user to work on the computer as an administrator?
0
Comment
Question by:twallin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 4
  • +2
19 Comments
 
LVL 34

Assisted Solution

by:Paul MacDonald
Paul MacDonald earned 230 total points
ID: 34900486
Added the user to a group with administrative priviledges?
0
 
LVL 3

Expert Comment

by:andreibutu
ID: 34900500
you should add the user in local administrators group on her workstation.
0
 
LVL 3

Assisted Solution

by:rxdeath
rxdeath earned 90 total points
ID: 34900502
local permissions and ad permissions are different.  if you need her to have administrator access locally on her machine you will need to go into the users and groups (right click on my computer and do manage) and set her as an administrator locally.
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 

Author Comment

by:twallin
ID: 34900652
I created a user with the same name as the AD name and added that to the local Administrators group. That didn't work. What do you mean by - "Set her as an administrator locally"  "addthe user in local administrators group."
When the user is logged into the domain she is not showing up in the Users and Groups in Manage under My Computer.
0
 
LVL 5

Assisted Solution

by:Noduzz
Noduzz earned 180 total points
ID: 34900673
Like everyone else is saying here the user needs to be added to the local admins group on the machine is what it sounds like.  That being said what you can do for the future is in Group Policy you can add a custom group to the local admins on all computers and then just make sure to add the users that need to run that application into that folder.  That would make your job easier in the future but for now you can just add the user to the administrators group on the machine itself.
0
 
LVL 5

Expert Comment

by:Noduzz
ID: 34900704
when you add the user to the group you need to make sure you add the user as Domain\Username or Username@domain.com (or .local depending on your domain) also make sure you log the user off the computer and back on.
0
 
LVL 3

Expert Comment

by:andreibutu
ID: 34900712
0
 
LVL 3

Expert Comment

by:rxdeath
ID: 34900719
when you go to her name in the manage under my computers, it says she is a member of comptuername\administrators or whatever?

that is all it takes to install a program locally


yes i meant add to the local group administrators when i said set her to admin
0
 

Author Comment

by:twallin
ID: 34902806
I am unable to add any user to the admin group. it won't accept domain\user and comes back with the error Name Not Found at this location. The location is the workstation name.
0
 
LVL 34

Assisted Solution

by:Paul MacDonald
Paul MacDonald earned 230 total points
ID: 34906519
Is it possible the problem is with the workstation?  Is it a member of the domain?  Can any other domain user log in to it and use this application successfully?  Can the problem user log in to a different workstation and run the application successfully?
0
 

Author Comment

by:twallin
ID: 34907349
The user, newly added to the domain, cannot login to any workstation and run the software. As said above they have to be added to the local administrtors group. That is what I can't seem to do. Yes other user can login and run the app. I have gone to other workstations and cannot add the user to the administrators group. When i try to add the users to admin the dialog does not get the domain. And I have logged in as a domain user with local administrator access and logged in as the local administrator, nothin' doin'. There is no Group Policy in the domain other than the default, I assume because I don't know.
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 230 total points
ID: 34907467
To be clear - can every user in the domain run this application on their local computer?  
Do you go around and add every user in the domain to the Local Administrators group so they can run this application?  If so, why not just add Domain Users to the Local Administrators group on your computers?  Then you don't have to add users piecemeal.
I'm at a loss as to how you've managed to set up all the other users in the domain as Local Administrators, but can't get this one set up...


Follow this process and tell us where it breaks down for you:
Right-click on My Computer and select Manage
In Computer Management, under System Tools, expand Local Users and Groups, then select Groups
Right-click on Administrators and select Add To Group
When the properties dialog shows up, click Add...
In the Select Users, Computers, Service Accounts, or Groups dialog, click the Locations... button
In the Locations dialog, select Entire Directory.  Click OK.
Type in the domain name of the user you're trying to add to the Local Administrators group.  Click Check Names and make sure it comes back with a valid account.  Click OK.
You should now see that user in the list of Local Administrators.  Click OK.

Let us know how it goes!
0
 
LVL 5

Assisted Solution

by:Noduzz
Noduzz earned 180 total points
ID: 34907540
Try this: log on to the a machine as the user and run this from the command prompt:

gpresult /r

 Then verify what groups the user is a member of and make sure that it the user is a member of all necessary groups.  Specifically look for BUILTIN\Administrators.  You might want to try to add the user to the domain admins group (only temporarily) and log in and run the app to make sure that it is not something other than permissions.
0
 

Author Comment

by:twallin
ID: 34908423
paulmacd:
Where it breaks down in is the step - In the Locations dialog, select Entire Directory. The only location that comes up is the local computer.
Noduzz:
gpresult /r did not work
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 34908517
Are you logged in as a user in the domain?  If the domain doesn't show up as a location, either the user isn't logged in to the domain or the computer isn't a member of the domain (and so the user isn't logged in to the domain).
0
 
LVL 5

Expert Comment

by:Noduzz
ID: 34908579
yeah it sounds like you are not on the domain, liek paul said , if you cant run gpresult its probably because you are not on the domain.
0
 

Author Comment

by:twallin
ID: 34909419
paulmacd:
Yes I am logged in as a member of the domain and an administrator og the local PC. The computer in is the domain computers group. So if the environment is not in the domain there is somthing, matbe on the server, not working as should be.
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 34909966
Maybe, but it sounds really odd (and maybe really bad) given it's not just a problem with the computer but evidently also a problem with the user.  This points to a possible problem with Active Directory itself, but what that might be, I don't know.
0
 

Author Comment

by:twallin
ID: 34911012
paulmacd:
Thanks for your help.
The problem turned out to be on the server with the dns setup. There was none. The ISP dns was kinda hard coded into the router DHCP and handed down to the clients because the router is setup to dhcp. So the dns on the server, running Win srvr 2003, was not setup to give domain information and the ISP dns did not have our local info. After fixing the server dns setup  the domain comes up in the Add User part of the Administrators group on the local computer. And a group policy for the Domain Users group was setup to add the Domain Users group to the local Administrators group. After I learn a little more about Group Policies I will lock down the users access to the work stations.
Also can you suggest a way of distributing points here? I not real sure how to do that.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question