Removing user from local admin group force to take effect without logging off/back in?

Posted on 2013-10-29
Medium Priority
Last Modified: 2013-11-01
Win 7 when you remove the domain user from the local admin group on their machine they still have admin rights until they logoff and log back in as their domain user, it seems.  how can you force this to update immediately?

I add the user remotely from computer managemnt connection to their remote computer and also maintain this at their desktop at times.  Either way I remove them remotely or at desktop i noticed they have to logoff and log back in for the change to take effect.  Thx
Question by:dee30

Expert Comment

ID: 39608871
I don't think you can make this change happen without a log-off.  If you use VNC, it will stay connected to the remote computer even after the user is logged out.
LVL 13

Accepted Solution

Mark Galvin earned 1050 total points
ID: 39608934
As part of the log on process windows checks what permission the user has either locally or via domain. These permissions are only checked again on log in.

So removing their access while logged in will only take affect after another log in and therefore check of permissions.

Featured Post

Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Each password manager has its own problems in dealing with certain websites and their login methods. In Part 1, I review the Top 5 Password Managers that I've found to be the best. In Part 2 we'll look at which ones co-exist together and why it'…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question