Re: User accounts being deleted

From: Dave Stoecker (david_stoecker_at_hotCOFFEEmail.com)
Date: 11/08/04 

Date: Mon, 8 Nov 2004 08:48:23 -0600

Andy,

If someone has set a policy that is affecting local group membership,
it might be in an AD group policy object under:
Computer Configuration>Windows Settings>Security Settings>Restricted Groups
It could also be done using a machine startup script, or other scripting
method.

Hope that helps,
DS

"Andy L" <anonymous@discussions.microsoft.com> wrote in message
news:450701c4c588$ff231590$a601280a@phx.gbl...
> Hi Marina,
>
> The application that requires local admin rights is an
> ageing database that we are due to phase out. Some reports
> just dont run if you don't have local admin rights.
>
> OK... I've check file/print sharing and ipconfig shows
> everything is pointing to the server. I have one WinXP
> system that is not affected, I cant see anything in its
> setup that is diferent from all the others. If I added a
> new client system to the network today, by tomorrow I can
> guarantee it will suffer the same problem.
>
> If someone did have domain admin rights how would they
> implement a policy that would have this effect?
>
> Thanks... Andy
>
>
>>-----Original Message-----
>>Hi Andy,
>>
>>What kind of an application is that, that it wants the
> user to be a local
>>admin???
>>
>>Is File and Printersharing enabled on the workstations?
> Does the
>>ipconfig/all show that everything is pointing to the
> server IP? Are there
>>any users at all with domain admin rights?
>>
>>--
>>Regards,
>>
>>Marina
>>Microsoft SBS-MVP
>>
>>"Andy L" <anonymous@discussions.microsoft.com> schreef in
> bericht
>>news:4d7001c4c581$d8273e00$a301280a@phx.gbl...
>>> Hi Marina,
>>>
>>> Thanks for coming back to me. We have an application
> that
>>> doesn't run correctly unless the user has local admin
>>> rights to their system. I forgot to mention that the
>>> monitoring console for our anti-virus is unable to
>>> view/control these systems across the network, although
>>> they are updating correctly.
>>>
>>> If someone had been messing with Group Policies, what
>>> would I be looking for?
>>>
>>> Kind regards.... Andy
>>>
>>> >-----Original Message-----
>>> >Hi Andy,
>>> >
>>> >Why would a user need local admin rights? That is only
>>> needed when
>>> >installing applications.
>>> >Things don't happen just by itself. If you are not the
>>> one who perhaps made
>>> >group policies for this, then there must be someone
> else
>>> with admin rights
>>> >doing that.
>>> >
>>> >--
>>> >Regards,
>>> >
>>> >Marina
>>> >Microsoft SBS-MVP
>>> >
>>> >"Andy L" <anonymous@discussions.microsoft.com> schreef
> in
>>> bericht
>>> >news:0a5201c4c57a$539da9a0$a501280a@phx.gbl...
>>> >> Hi all, hope you can help with this problem. We have
> a
>>> >> SBS2K sever with 40 client workstations attached. The
>>> >> clients are a mixture of win2k and XP. A few weeks
> back
>>> I
>>> >> noticed that users accounts on their workstations had
>>> been
>>> >> removed, meaning anything that required admin rights
> on
>>> >> their PC was denied to them. I reset these by logging
>>> onto
>>> >> each system as a local administrator and added the
>>> domain
>>> >> users and domain administrators account to each one,
> but
>>> >> over a period of a couple of days these accounts have
>>> been
>>> >> deleted with the exception of one windows XP
> machine. I
>>> >> have repeated this exercise several times, and each
> time
>>> >> the accounts disapeared, sometimes in minutes,
> somtimes
>>> >> taking a couple of days. It is not possible that
> someone
>>> >> is manualy removing these as I have witnessed this
>>> >> happening when no one else has access to the network.
>>> >>
>>> >> I have checked for viruses, spyware, and any unusual
>>> >> registry entries on server and clients. There is also
>>> >> nothing set in group policies.
>>> >>
>>> >> Any help would be much appreciated, this is driving
> me
>>> mad.
>>> >>
>>> >> Regards...... Andy
>>> >>
>>> >
>>> >
>>> >.
>>> >
>>
>>
>>.
>>

Relevant Pages

  • Secure Boot Settings "on." Cant turn "off" on local system.
    ... >I cannot turn off the Secure Boot Settings for logon, ... or I don't have admin rights. ... >group policy since there is no PDC and I do have admin ...
    (microsoft.public.win2000.security)
  • Re: all domain user should have admin rights on single computer
    ... Create a new OU move the compouter to it, create a new GPO and use Restricted Groups from Computer configuration>Windows settings>Restricted Groups Here you can configure the settings for your needs. ... If you are ready with it, rightclick the policy name and check the securoty tab that apply Group policy is checked. ... I want that all the domains user should have the admin rights on a ... computer using the domain he can hve the complete admin rights. ...
    (microsoft.public.win2000.active_directory)
  • Re: allow users to run application
    ... > you will find users denied access to the application folder in program ... > user computer use policy. ... The link below explains SRP more. ... >>I have a bunch of application that needs admin rights to run. ...
    (microsoft.public.win2000.group_policy)
  • Re: Admin rights to local system via GPO
    ... I have verified once again the recommended GPO settings ... Microsoft Windows XP ... Group Policy was applied from: ... The group still does not have admin rights ...
    (microsoft.public.windows.group_policy)
  • Re: Secure Boot Settings "on." Cant turn "off" on local system.
    ... When you change a Local Security Setting, ... FYI there is a local Group Policy on your computer available with gpedit.msc. ... or I don't have admin rights. ...
    (microsoft.public.win2000.security)