Re: Not using a domain admin ID when joining the domain

Tim,
You don't "use" an account. You can create, modify or delete it. The rights are in the security properties of the OU, and can be delegated by right-click.
Anthony,
http://www.airdesk.com


"Tim B" <TimB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:D45ACE06-49B7-4C54-8C97-F564EE017276@xxxxxxxxxxxxxxxx
The computer account for the domain already exists. It was created with the
MMC plug in by a domain admin. The end user should be able to use that new
computer account without authenticating as a domain admin.

--
Thanks
Tim B


"Anthony [MVP]" wrote:

I'm not sure I follow, but the problem is that the account joining the
domain needs to be able to delete the old computer account. If you change
the delegated rights on the Computers OU it should work,
Anthony
http://www.airdesk.co.uk



"Tim B" <TimB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AF9128A2-2487-4351-B70D-DADA69B7F2B2@xxxxxxxxxxxxxxxx
> I have encountered a problem where clients that need to rejoin the > domain
> after a ghost image restore will not rejoin the domain unless a domain
> admin
> id is supplied at the client. In the past, we always had an admin > delete
> and
> recreat the computer account in the domain, then allowed non-admins to
> rejoin
> the clients to the domain. This prevents us from having to visit the
> client.
>
> If the user tries to join the domain without specifying a domain admin
> user
> id, the local admin id is used to set up a session with the domain
> controller
> and the login fails.
>
> Is there a group policy setting that could have changed that impacts > this?
> -- > Thanks
> Tim B


.

Relevant Pages

  • Re: Random "computer account was not found" broken profiles Server
    ... It could be connectivity, DNS, computer account password, secure ... Speaking of connectivity, "ping" alone doesn't count. ... Make sure that your clients use only their local DNS Server. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Administrator--Client installation account problem
    ... You should leave the services running as local system. ... > with the Local System Account or change it to Domain Admin Account? ... Of course if it is a domain admin that works also. ... Administrator account has the same password on all the clients. ...
    (microsoft.public.sms.admin)
  • Re: Not using a domain admin ID when joining the domain
    ... I am not trying to have an authenticated user create a machine account. ... domain using a computer account that was created ahead of time by a domain ... I used a network sniffer to verify that when the client tries to join the ... If the user tries to join the domain without specifying a domain admin ...
    (microsoft.public.windows.group_policy)
  • Possible DNS Registration issue (Windows 2003)
    ... All of my Windows Server 2003 clients are getting a message like this in ... their security logs when any account (even domain admin) tries to run an ...
    (microsoft.public.win2000.dns)
  • Re: Not using a domain admin ID when joining the domain
    ... I am not trying to have an authenticated user create a machine account. ... domain using a computer account that was created ahead of time by a domain ... I used a network sniffer to verify that when the client tries to join the ... > domain admin id is supplied at the client. ...
    (microsoft.public.windows.group_policy)
Loading