Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cannot unlock Domain user account

Posted on 2014-01-29
4
Medium Priority
?
2,264 Views
Last Modified: 2014-01-29
Cannot unlock Domain user account

we used to have user1 as member of domain admins group, then we removed him.

we have user2 that we delegated unlock accounts privileges, he can unlock all domain users account, but he cannot unlock user1 account, it shows grayed out.

User1 has been logged off many times after his acount was removed from domain admins group, but user2 still cannot unlock user1 account


all domain controller are local in the LAN and in the same site.


Any help?

Thanks
0
Comment
Question by:jskfan
  • 3
4 Comments
 
LVL 84

Accepted Solution

by:
David Johnson, CD, MVP earned 1000 total points
ID: 39819359
is user 1 a member of the domain users security group?
0
 

Author Comment

by:jskfan
ID: 39819444
<<is user 1 a member of the domain users security group? >>

Yes
0
 

Author Comment

by:jskfan
ID: 39819706
this fixed it:

http://enterpriseadminanon.blogspot.com/2009/05/that-admincount-adminsdholder-and.html


If you are using adsiedit.msc, you should take the following steps:
•Right click the user (or group) and select Properties.
•On the Attribute Editor tab, find the admincount attribute. Select it and click the [Edit] button. Click on the
button (or set the value to 0 if you want the historical artifact). Click [Ok].
•Select the Security tab
•Click on the [Advanced] button. Click on the [Default] button. This will restore the removed permissions PLUS it will put a check mark next to the “Allow inheritable permissions…” box, which you want.
•Click on [Ok] until you close out that user’s properties
0
 

Author Closing Comment

by:jskfan
ID: 39819852
thanks for responding
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question