Mr_Wormald
asked on
Local Admin Group Errors
We have a server where we require a generic domain user to have access to the local admin group. The issue that we are expereincing is when we restart the server this user disappears and we have to go and re add this user or like today this disppeared without the server restart. and we had to go and re add, can anyone possibly shed some light on what this issue could be?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
What is the best way to create a GP making this occur, I looked through the local GP and couldnt find a policy that allowed me to set users to be apart of a certain group.
Thanks
Thanks
Like I said, I would check to make sure an existing GPO isnt already applied enforcing this at the network level.
gpresult /R would help you see what existing policies are applied. You could also try using the Group Policy Management Console which has a good summary of only settings that are applied in that policy.
gpresult /R would help you see what existing policies are applied. You could also try using the Group Policy Management Console which has a good summary of only settings that are applied in that policy.
ASKER
I will check this, but this wouldnt explain the user disappearing multiple times durning a day, without any server restarts ...... or would it?
ASKER
Attached are the gpresults and also the Domain Policy that gets applied, the user that we need to stay is CHOICEHOMES\GFI which I can see is under the "Log on as a batch job" heading. Where would we add this user to have this user stay as the local admin. Default-Domain-Controllers-Polic.htm
ASKER
After further investigation I did find that there was a GPO setting the accounts in BUILTIN\Administrators, I have now created my own GPO to include those in the original list and then the ones that keep disappearing. Thanks for your help :)
One thing you can do is create a group policy to add that user account to the local admins group and apply it to that server. We do that now and it works great.