Solved

AD users and computers console issue

Posted on 2014-11-06
5
211 Views
Last Modified: 2014-11-21
I have an AD 2008 R2 environment.
When logged in as administrator into one DC I cannot see any computers in the AD users and computers console.
When I log into as a different domain admin user to the same DC I can see them all.
If I log into another DC with both users I can see everything.
Anyone have any ideas as to why this might happen and how to fix?
0
Comment
Question by:DaveKall42
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40426811
Sounds like a corrupted profile. Remove the domain users profile from registry and delete their users folder to recreate.
0
 

Author Comment

by:DaveKall42
ID: 40426814
Delete profile from local registry of DC in question?  Do you happen to know where that is located in registry?
0
 
LVL 12

Assisted Solution

by:jkaios
jkaios earned 250 total points
ID: 40427188
To delete and recreate an user profile, try these:

1. Log in with another user
2. Bring up the System Properties dialog box (Windows Logo Key + Break) OR sysdm.cpl
3. click the Advanced tab
4. click Settings button under User Profiles
5. in the User Profies window, select the appropriate user and click Delete
6. click OK, OK to dismiss all dialog boxes
7. log off the current user
8. log in with user you deleted in step 5 (its profile will be created automatically)
0
 
LVL 17

Accepted Solution

by:
Spike99 earned 250 total points
ID: 40427319
JKaios is correct: that's the best method to clear a user profile.

But, just an FYI, the user's profile consists of several parts.  At minimum, there are 2:
1.  Profile "hive" key in ProfileLIst key:  
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\<USER-SID>
2.  The user's folder in C:\Users

If you are using roaming profiles, then there would be a 3rd part:  a network copy of the local profile on the network.
You can configure that either using a GPO or by adding the folder path to the "Terminal Service Profile" tab in the user's account properties in Active Directory.

With Windows Server 2003 & Windows XP, you could get away with just deleting the user profile folder in C:\Documents and Settings. Windows would just re-create the profile folder if it's not found.  But, the newer OSs (Windows Vista, 7 & 8 as well Server 2008 & 2012) don't like it when you do that.

If you just delete the user's folder from C:\Users without also removing the profile key, the user will get a profile error at logon. Then, Windows will log them on using a temp profile and none of their settings will be saved at exit. That situation will persist every time they log on to the same server or PC until you remove the backup profile key created by Windows in the ProfileList key (backup keys always end in .BAK).
0
 
LVL 20

Expert Comment

by:compdigit44
ID: 40431337
Before you rebuild your profile try to clear all MMC content in the following location:

C:\Users\%username%\AppData\Roaming\Microsoft\MMC

The try to access ADUC again
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question