Announcement

Collapse
No announcement yet.

AD groups losing members quicker than an eye blinks

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD groups losing members quicker than an eye blinks

    Our Enterprise Admins group keeps losing all recent members added to it. There are two users in the group which are always there and never disappear (from a long time ago).

    It literally takes minutes from the members to drop out of the group. I've checked the GPOs and there's nothing in there. Where should I start looking?

    Windows 2003 Server & AD.
    |
    +-- JDMils
    |
    +-- Regional Systems Engineer, DotNet programmer & Jack of all trades
    |

  • #2
    Re: AD groups losing members quicker than an eye blinks

    I've found the problem. One of our remote DCs had a GPO which was adding the two users defined in the GPO to the Enterprise Admins group. The EA group was then replicating back to our Head Office DC.

    What I don't understand is why the two DCs are replicating but the GPOs are not the same on the two DCs?? What can I do to sync GPOs from HO to the remote DC?

    PS. One other thing. The time on the remote DC is 3 hours behind our HO DC as it is in another time zone. Is this a problem?
    Last edited by JDMils; 21st September 2007, 08:50.
    |
    +-- JDMils
    |
    +-- Regional Systems Engineer, DotNet programmer & Jack of all trades
    |

    Comment


    • #3
      Re: AD groups losing members quicker than an eye blinks

      I don't understand that either, re: the policy being different on one DC.

      However the time thing is only the DISPLAYED time. The ACTUAL time on the DCs is in synch (otherwise it would NOT be replicating, and nobody would be able to log into it, etc).


      Tom
      For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

      Anything you say will be misquoted and used against you

      Comment


      • #4
        Re: AD groups losing members quicker than an eye blinks

        The problem is now fixed. What I found was that the time on the remote DC was 3 hours behind our local DC time, BUT the timezone was set to the same as our local DC, thus, all changes made on the remote DC were overriding our local DC changes thru the replication as the changes were appearing to be made 3 hours before those on our local DC.

        I reset the timezone back to what it should be (+07) and it is now working!! Thanks for your help.
        Last edited by JDMils; 24th September 2007, 01:09.
        |
        +-- JDMils
        |
        +-- Regional Systems Engineer, DotNet programmer & Jack of all trades
        |

        Comment

        Working...
        X