Re: Cannot Add Domain Accounts to Local Admin Group
anonymous_at_discussions.microsoft.com
Date: 03/29/04
- Next message: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Previous message: bruce: "Re: site link design question"
- In reply to: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Next in thread: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Reply: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 29 Mar 2004 05:03:31 -0800
Cary,
Thank You for the speedy reply. I am trying to add
domain user accounts into the Local Administrators group
on several XP and Win2K systems. I get an error
staing "the domain does not exist or cannot be located".
No changes have been made to DNS, WINS, or DHCP. There
is only the default GPO implemented. If I add the user
to the Domain Admins group, they have full access to the
local system, but I really would like to avoid that
senerio.
Since I only work there on Saturday's I cannot
troubleshoot as I would like. I'll be sure to check the
articles you advised.
Thanks again. I really appreciate your advisments!
JT
>-----Original Message-----
>JT,
>
>To what 'local admin group' are you referring? And
where - on the
>WIN2000/WINXP clients or on the SBS2000 Server?
>
>My guess is that you are referring to your clients. Do
you know if the
>Group Policy 'Restricted Groups' has been implemented.
This could have
>something to do with your issue. Take a look at the
following MSKB Article:
>
>http://support.microsoft.com/?id=320065
>http://support.microsoft.com/?id=320045
>http://support.microsoft.com/?id=228496
>http://support.microsoft.com/?id=279301
>
>By default, the 'Domain Admins' group is a member of the
local
>'Administrators' group on each client system. The use
of the 'Restricted
>Groups' GPO can be used to make sure that no other user
account/group
>account can be added to the local 'Administrators'
group. Initially, when
>applying this GPO all members of the
local 'Administrators' group were
>replaced by whatever group you indicated in the GPO (
typically the 'Domain
>Admins' group ). However, there was a later fix for
this that 'merged' the
>group that you were using in the GPO with the current
members of the local
>'Administrators' group. Please see the following MSKB
Article:
>
>http://support.microsoft.com/?id=810076
>
>Does this help you? Also, what error message are you
receiving when
>attempting to do this? And how are you trying to do
this?
>
>HTH,
>
>Cary
>
>
>"JT" <anonymous@discussions.microsoft.com> wrote in
message
>news:14fe201c41587$ff569890$a401280a@phx.gbl...
>> I periodiacally support a small business with SBS 2000.
>> I cannot add Domain accounts into the local admin
group.
>> I was able to do this several weeks ago. I recently
>> completed Windows Updates, and feel this may be my
>> issue.
>>
>> Any others with this problem?
>>
>> Thanks,
>> JT
>
>
>.
>
- Next message: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Previous message: bruce: "Re: site link design question"
- In reply to: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Next in thread: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Reply: Cary Shultz [A.D. MVP]: "Re: Cannot Add Domain Accounts to Local Admin Group"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
