Why a Local administrator membership is removed when a GPupdate /force is done on the user PC
Posted on 2016-10-12
We were having Windows 2008 Domain controllers and migrated our DCs to Windows 2012.
When we had Windows 2008 DCs we had Windows XP PCs in our network. So on the XP PC if we go to computer management – Local users and groups- Groups and here if I add any user to the administrators group, they were successfully added and the users were able to have local admin access to their PC.
Now since we migrated to windows 2012 and windows 7, if go to the user PC log in as domain administrator and add them to the local administrator group and if I do a GP update/ force on the user PC and check if the users still is added in the local administrator group. I can see the user is removed.
No sure why the user is removed from them Local administrator group when a GPupdate /force is done on the user PC.
Any help to sort this will be great
Thanks in advance