Solved

Currupt User Assignment

Posted on 2011-02-24
6
335 Views
Last Modified: 2012-05-11
In user Group policy - rights assignments I have a entry starting with “*S-1-5-21-9918795-2052802652” as a local security setting/Log on as a service  and I thought I read somewhere that could be a corrupt record or user. Can someone tell me if that is the case please?
0
Comment
Question by:rjackmanwyn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 5

Accepted Solution

by:
smangogna earned 250 total points
ID: 34971451
Usually if you remove the user ho sould have that right, you'll see  those kind of entry

Sergio
0
 

Author Comment

by:rjackmanwyn
ID: 34971491
So If I deleted a user from Active Directory it doesn't remove them from rights assignments?
0
 
LVL 5

Expert Comment

by:smangogna
ID: 34971589
I am not sure if it happens everytime or if you have to wait fo sincronization, but I have seen it very often
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 

Author Comment

by:rjackmanwyn
ID: 34971868
OK one last question. Is it safe to revome this user entry?
0
 
LVL 78

Assisted Solution

by:arnold
arnold earned 250 total points
ID: 34971975
Yes, it is safe to remove the entry.
The information stored/referenced are SIDs which is in the format you have when viewing data those entries are looked up and converted to the username, groupname, etc. When the account is deleted, you will only see the references.

This means that you have assigned the GPO to the specific user versus assigning to a group of which this user was a member.

At times using groups to which you add users is better than assigning individual users to GPOs.
0
 

Author Closing Comment

by:rjackmanwyn
ID: 34972884
Thanks to both of you for your help
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question