Re: Domain Users group does not retain the Log on Locally right
- From: "AllenM" <noemail@xxxxxxxxxxxxx>
- Date: Thu, 15 Feb 2007 13:54:08 -0800
Here is what happened just a few minutes ago. Removed an XP SP2 machine from
the SBS domain and joined a WORKGROUP. Rebooted. Deleted computer account
from AD using the SBS Console. Readded the computer account. Logged onto
that computer locally as Administrator. Ran \\servername\connectcomputer.
Computer reboot when completed. Logged onto the SBS Domain as administrator.
Went in the Local Policy Editor and cofirmed that DOMAINANME\Domain Users
were there. Great. This is what I expected and wanted to see. I then ran MS
Updates. Rebooted and logged back onto the SBS Domain as administrator. Went
back into the Local Policy Editor and the policy is now greyed out and
DOMAINNAME\Domain Users are no longer there.
"Dave Nickason [SBS MVP]" <gwdibble@xxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:uJ%23WAhUUHHA.5016@xxxxxxxxxxxxxxxxxxxxxxx
On an effected workstation, Start -> Run -> rsop.msc. You'll get a result
showing the group policies applied to that machine and user account.
Check for conflicting policies - if you find any, it'll tell you where
they are applied from so you can edit accordingly.
"AllenM" <noemail@xxxxxxxxxxxxx> wrote in message
news:%2306DDdUUHHA.1000@xxxxxxxxxxxxxxxxxxxxxxx
I've got some workstations here in the office that appear were not joined
to the SBS domain by using the SBS wizard. I discovered this when other
users were not able to log onto any machine in the office because "Domain
Users" were not members of the "Log on Locally" policy. So what I have
been doing is removing the workstation from the domain, deleting the
computer account from AD and then readding the computer account then
going to the workstations and logging in as local administrator and
running \\servername\connectcomputer.
My issues are that when I do this I go to check the local policy on the
workstations and it does add Domain Users to the Lo on Locally policy. So
now I run Windows and Microaoft Updates and have noticed that these
machines where I had to rejoin the domain are not retaining the Domain
Users group in the Log on Locally policy. In fact when I go to view the
policy and membership I can see the members but now they are all greyed
out and I cannot manually edit them. So it appears that updates are
somehow affecting this process. Any ideas? I have checked my Domain GPO
and yes Domain Users are in the Lo on Locally domain policy.
.
- References:
- Domain Users group does not retain the Log on Locally right
- From: AllenM
- Re: Domain Users group does not retain the Log on Locally right
- From: Dave Nickason [SBS MVP]
- Domain Users group does not retain the Log on Locally right
- Prev by Date: Re: Cannot see Windows 2000 computers in RWW
- Next by Date: Re: Windows Update - Svchost - error 0x745F2780
- Previous by thread: Re: Domain Users group does not retain the Log on Locally right
- Next by thread: Re: Domain Users group does not retain the Log on Locally right
- Index(es):
Relevant Pages
|
