Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Currupt User Assignment

Posted on 2011-02-24
6
Medium Priority
?
342 Views
Last Modified: 2012-05-11
In user Group policy - rights assignments I have a entry starting with “*S-1-5-21-9918795-2052802652” as a local security setting/Log on as a service  and I thought I read somewhere that could be a corrupt record or user. Can someone tell me if that is the case please?
0
Comment
Question by:rjackmanwyn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 5

Accepted Solution

by:
smangogna earned 1000 total points
ID: 34971451
Usually if you remove the user ho sould have that right, you'll see  those kind of entry

Sergio
0
 

Author Comment

by:rjackmanwyn
ID: 34971491
So If I deleted a user from Active Directory it doesn't remove them from rights assignments?
0
 
LVL 5

Expert Comment

by:smangogna
ID: 34971589
I am not sure if it happens everytime or if you have to wait fo sincronization, but I have seen it very often
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 

Author Comment

by:rjackmanwyn
ID: 34971868
OK one last question. Is it safe to revome this user entry?
0
 
LVL 80

Assisted Solution

by:arnold
arnold earned 1000 total points
ID: 34971975
Yes, it is safe to remove the entry.
The information stored/referenced are SIDs which is in the format you have when viewing data those entries are looked up and converted to the username, groupname, etc. When the account is deleted, you will only see the references.

This means that you have assigned the GPO to the specific user versus assigning to a group of which this user was a member.

At times using groups to which you add users is better than assigning individual users to GPOs.
0
 

Author Closing Comment

by:rjackmanwyn
ID: 34972884
Thanks to both of you for your help
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Let's recap what we learned from yesterday's Skyport Systems webinar.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question