Solved

Currupt User Assignment

Posted on 2011-02-24
6
333 Views
Last Modified: 2012-05-11
In user Group policy - rights assignments I have a entry starting with “*S-1-5-21-9918795-2052802652” as a local security setting/Log on as a service  and I thought I read somewhere that could be a corrupt record or user. Can someone tell me if that is the case please?
0
Comment
Question by:rjackmanwyn
  • 3
  • 2
6 Comments
 
LVL 5

Accepted Solution

by:
smangogna earned 250 total points
ID: 34971451
Usually if you remove the user ho sould have that right, you'll see  those kind of entry

Sergio
0
 

Author Comment

by:rjackmanwyn
ID: 34971491
So If I deleted a user from Active Directory it doesn't remove them from rights assignments?
0
 
LVL 5

Expert Comment

by:smangogna
ID: 34971589
I am not sure if it happens everytime or if you have to wait fo sincronization, but I have seen it very often
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:rjackmanwyn
ID: 34971868
OK one last question. Is it safe to revome this user entry?
0
 
LVL 77

Assisted Solution

by:arnold
arnold earned 250 total points
ID: 34971975
Yes, it is safe to remove the entry.
The information stored/referenced are SIDs which is in the format you have when viewing data those entries are looked up and converted to the username, groupname, etc. When the account is deleted, you will only see the references.

This means that you have assigned the GPO to the specific user versus assigning to a group of which this user was a member.

At times using groups to which you add users is better than assigning individual users to GPOs.
0
 

Author Closing Comment

by:rjackmanwyn
ID: 34972884
Thanks to both of you for your help
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question