Avatar of lianne143
Flag for United States of America

asked on 

Why a Local administrator membership is removed when a GPupdate /force is done on the user PC


We were having Windows 2008 Domain controllers and migrated our DCs to  Windows 2012.
When we had Windows 2008 DCs we had Windows XP PCs in our network. So on the XP  PC if  we go to computer management – Local users and groups- Groups and here if I add any user to the administrators group, they were successfully added and the users were able to have local admin access to their PC.

Now since we migrated to windows 2012 and windows 7, if go to the user PC log in as domain administrator and add them to the local administrator group and if I do a GP update/ force on the user PC and check if the users still is added in the local administrator group. I can see the user is removed.
No sure why the user is removed from them Local administrator group when a GPupdate  /force is done on the user PC.
Any help to sort this will be great
Thanks in advance
Active DirectoryWindows 7

Avatar of undefined
Last Comment

8/22/2022 - Mon