Re: Global Security Group members disappear

The only vaguely relevant entry in the security log is as follows:

Event Type: Success Audit
Event Source: Security
Event Category: System Event
Event ID: 516
Date: 10/09/2007
Time: 16:48:29
User: NT AUTHORITY\SYSTEM
Computer: SENIOR
Description:
Internal resources allocated for the queuing of audit messages have been
exhausted, leading to the loss of some audits.
Number of audit messages discarded: 4

Mind you, I only had Directory Services logging failures. I've reset it to
log successes as well now.

"Jorge Silva" wrote:

I agree with steve, you should look at the logs to check what is going on...

--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services
"Steve B" <SteveB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A2D67D5A-0EEC-4887-BD40-F0817041259D@xxxxxxxxxxxxxxxx
OK...have you checked the security logs on the DC's. This should now tell
you who/the process and time that the students group was removed.

"Jeremy" wrote:

Moved forest/domain level to 2003.

Members of "Students" disappeared again overnight. I have turned on
auditing of management as Jorge suggested although I think the likelihood
of
anyone other than me being able to edit AD is low.

"Steve B" wrote:

Whilst it will not explain why your groups disappeared - I would
suggest you
investigate switching your domain/forest level to Windows 2003. This
allows
you to take advantage of all the AD features.

Did you manage to check what auditing was turned on?

"Jeremy" wrote:

Hmmm... okay, further investigation reveals:

Domain Functional Level: Windows 2000 native

Forest Functional Level: Windows 2000

"Steve B" wrote:

What's the forest functional level? Do you have auditing turned on?
If so,
what are you auditing?

"Jeremy" wrote:

I should add that this is W2k3 AD

"Jeremy" wrote:

I have set up a Global Security Group called "Students" which
on a good day
contains Global Security Groups "2000", "2001"... "2007". I
recently set up
a second domain controller. Now, every morning I look in
Students and all
the Global Security Groups supposed to be members ("2000",
"2001"... "2007")
have disappeared from the list of members. There are no errors
in the Event
Logs and RepAdmin shows replication occurring correctly. To
apply a
temporary fix I visit both DCs and add the missing groups. I
also use ADUC
on my XP Pro workstation and re-apply the groups using that too
if they are
not showing.

Why do these groups disappear from the membership list of the
"Students"
group and how can I stop it happening?



.

Relevant Pages

  • Re: Global Security Group members disappear
    ... Ensure Audit Account management is set to Success and Failure in the Domain ... "Jeremy" wrote: ... Members of "Students" disappeared again overnight. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Global Security Group members disappear
    ... I agree with steve, you should look at the logs to check what is going on... ... "Jeremy" wrote: ... Members of "Students" disappeared again overnight. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Global Security Group members disappear
    ... "Jeremy" wrote: ... Members of "Students" disappeared again overnight. ... investigate switching your domain/forest level to Windows 2003. ...
    (microsoft.public.windows.server.active_directory)
  • NIU services held
    ... Reservist Julianna Gehant was laid to rest in rural Mendota with full ... Northern Illinois University students slain last week underscored ... Several hundred friends, family and fellow church members nearly ...
    (alt.true-crime)
  • Re: U.I.A. United Instructors Agency (for instructors and students)
    ... and skills, will once again bring us back to the time before time where ... train enthusiastic new students and at the same time have the chance to ... offers and opportunities for U.I.A. members. ...
    (rec.martial-arts)
Loading