domain user account -vs- local user account

I've just finished building a domain controller to change our network from a WORKGROUP to a more manageable and secure domain.
I've only created a few user accounts and (domain) security groups at the moment and I'm adding computers (that are rarely used) so I can do configuration and testing.
I'm adding them by right-clicking My Computer > Properties > Computer Name > Change... > clicking Domain (in Member of...) and typing in the domain.
I then use the user account that I created and click OK.  Restart the computer, log in and everything looks OK.
But...
I need to access data from the old local user account and cannot do this because the new domain user account is "standard" or "power user" or something.  Can I make it so it is part of the Local Administrators?
LVL 7
Reece DoddsAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
mwiener1Connect With a Mentor Commented:
If they had a "local" account on that machine previously, use a tool called ProfWiz to migrate the old profile to their new domain profile.

Direct link:
http://www.forensit.com/Downloads/Profwiz3.zip

Website:
http://www.forensit.com/domain-migration.html
0
 
ChiefTechGuruCommented:
Yes.  Right click My Computer, select Manage.  Computer Management window opens.  Expand Local Users and Groups, select Groups, add your domain users to the group Administrators
0
 
Reece DoddsAuthor Commented:
@ ChiefTechGuru:  I know how to do this, but I use Run... control userpasswords2 and log in with a local administrative account to add them to the group.  It works, but I'd need to do this on every single one of the 40 clients...
Is there a way that I can have this done for me with a GPO or once off login script?

@mwiener1:  I will try this tool.  Thanks for the suggestion.  But, I do want to have the domain user profiles have full access to their local machine still...
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
ChiefTechGuruCommented:
You can run the command NET LOCALGROUP /ADD <DOMAIN>\<USER>.  If you combine with PSEXEC, you could complete the task of adding users to Local Admin group at the server.
0
 
mwiener1Commented:
If you use the tool above, they will be local admins if the local account was previously a local admin. It basically copies the settings from the old local account to the new domain account. I find it to be one of the most useful tools around.
0
 
Frankie_rbcCommented:
My Computer > Properties > Computer Name > Change

or add user to the folder's permission list to allow access
0
 
Premkumar YogeswaranAnalyst II - System AdministratorCommented:
Hi,

Since you have moved from Workgroup to Domain. the domain users by default will have minimum level of access to the local system.

You can add the user to Administartors group. but it will be removed automatically by group policy.

To give the Administrator rights to the user. Add the user to restricted group in group policy.

Check the link below to configure the restricted group.

http://support.microsoft.com/kb/279301
http://www.frickelsoft.net/blog/?p=13

Regards,
Prem
0
 
Reece DoddsAuthor Commented:
Awesome tool.  Did the job perfectly.  Thanks!
0
All Courses

From novice to tech pro — start learning today.