Re: Local user privileges
- From: "Angel Massa" <amassa@xxxxxxxxxxx>
- Date: Fri, 16 Sep 2005 16:20:18 +0200
Hi Mark,
Thank for your help. I will try to describe the situation...
On AD the user is member of "domain users". This is fine.
Then I go to the local machine and look at the users from control panel. I
can see that the user login into the domain has administrator privileges. I
can change the privileges to user from the control panel but then the
account doesn't work. So my only option is to set the local account to
administrator for the account to work.
Is it possible that this problems happens becouse the user account has a
roaming profile?
Regards,
Angel.
> This is not the default behavior.
>
> If you look at the user object in AD, which security groups
> is the user member of?
>
> Lock in as administrator and remove the dom-user from the local
> administrator group. Lock in as user, if he is admin again, then
> there is something that takes efect on the default behavior.
> In a GPO you can manipulate this via restricted groups.
> You mus configure this manually to change the default behavior,
> thats why I think, taht there is no entry.
.
- References:
- Local user privileges
- From: Angel Massa
- Re: Local user privileges
- From: Mark Heitbrink [MVP]
- Re: Local user privileges
- From: Mark Heitbrink [MVP]
- Re: Local user privileges
- From: Angel Massa
- Re: Local user privileges
- From: Mark Heitbrink [MVP]
- Local user privileges
- Prev by Date: RE: Windows Firewall Program Exception List
- Next by Date: Grant Local Administrative right
- Previous by thread: Re: Local user privileges
- Next by thread: Re: Local user privileges
- Index(es):
Relevant Pages
|
