Re: The User That Wouldn't Die

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

I tried it with a user who never connected to this computer (not plugged
into the domain) and it rejects the credentials - but a user who has logged
into the domain from this computer at least once - it recreates the account.

"Scott" <smichels62@xxxxxxxxx> wrote in message
news:%23KOAz6anFHA.764@xxxxxxxxxxxxxxxxxxxxxxx
> Yes, that's what I've found so far as well. Obviously Windows caches that
> information somewhere but where is probably anyone's guess. Also, I tried
> testing on the same laptop with another user name that was not used to
> connect the machine to the domain and it gets recreated as well so
> apparently Windows does it with all domain users. Thanks for trying.
>
> Scott
>
> "JHP" <goawayspam@xxxxxxx> wrote in message
> news:%23sYq20SnFHA.1412@xxxxxxxxxxxxxxxxxxxxxxx
>>I just tested my theory and so far I'm SOL - if the user has previously
>>logged in to the domain - and after all traces of that user have been
>>deleted - logging in as that user (not currently connected to the
>>network) - it re-creates the account - strange... I will keep testing.
>>
>> "JHP" <goawayspam@xxxxxxx> wrote in message
>> news:%23pV0SkSnFHA.1372@xxxxxxxxxxxxxxxxxxxxxxx
>>> Not only do you have to delete the User Profile but also the User
>>> Account.
>>>
>>> The complete User Profile including directories can be deleted from
>>> System
>>> Properties - Advance Tab - User Profiles - Settings button (you cannot
>>> be
>>> logged in to the account your deleting).
>>>
>>> From there you have the User Accounts link - click this to open the User
>>> Accounts window - there delete the domain account.
>>>
>>> If this completely deletes the Account - it should be no trouble from
>>> there
>>> to set it to code...
>>>
>>> "Scott" <smichels62@xxxxxxxxx> wrote in message
>>> news:ujmgsrRnFHA.2484@xxxxxxxxxxxxxxxxxxxxxxx
>>>> I've been pulling my hair out over this one for a while now and I'm
>>>> hoping that someone out there can give me a clue, if not a solution.
>>>>
>>>> At the company I work for we have many laptops and desktops with
>>>> Windows XP Pro installed on them. The machines have been locked down
>>>> with a special Administrators account on them. This special user is
>>>> part of our domain. Some time ago the password for this admin account
>>>> was compromised so on our next quarterly update CD that we send to the
>>>> end users out in the field we want to make it so that the users are no
>>>> longer able to login as that user.
>>>>
>>>> I quickly discovered that you can't change the password of a domain
>>>> user when the laptop is not connected to the domain server (most of
>>>> these laptops won't be connecting to the domain server for a good long
>>>> time). So my next idea was to create a new local admin user with the
>>>> same name but a new password and then somehow disable or delete the old
>>>> domain user. I'm able to create the new user with no problems.
>>>>
>>>> In VBScript I tried both disabling the user and dropping the user from
>>>> the Administrators group but neither of those methods worked. Since I
>>>> wasn't having any luck getting rid of the user in VBScript I decided to
>>>> see what happens just using the regular Windows tools. Using the
>>>> control panel I deleted the user. I deleted everything for the user
>>>> from the Documents and Settings folder. I deleted the user's profile.
>>>> The laptop that I'm testing with is not connected to anything but the
>>>> user is still able to login and still has administrator permissions.
>>>> What do I have to do to get rid of this user?
>>>>
>>>> Thanks in advance,
>>>>
>>>> Scott
>>>>
>>>
>>>
>>
>>
>
>


.

Quantcast