Announcement

Collapse
No announcement yet.

Rights Issue

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Rights Issue

    Hi There..

    Ihave setup of Windows 2003 server as follows.
    SiteA:
    Subnet: 192.168.x.1/24
    ServerA: DC, GC

    SiteB:
    Subnet: 192.168.y.1/24
    Server: Additional DC, GC

    My question earlier ihave given Administrator rights to userA who is present in SiteB...later stages i removed Administrator rights and forced the site replication. After some time like after some hours or day,to my surpirse again when checked his rights he got Administrator rights....Can anybody tell me what exactly happening...some time i suspect UserA also because of this happening....

    REgards

  • #2
    Re: Rights Issue

    Remove the administrator rights again and setup some auditing.

    http://support.microsoft.com/kb/814595

    Comment


    • #3
      Re: Rights Issue

      Hi there...

      I removed user from Administrator group and setup auditing...its strange that the user can add himself to Administrator group.... See the contents of auditing below..

      Security Enabled Local Group Changed:
      Target Account Name: Administrators
      Target Domain: Builtin
      Target Account ID: BUILTIN\Administrators
      Caller User Name: administrator
      Caller Domain: MYDOMAIN
      Caller Logon ID: (0x0,0x1E7466F)
      Privileges: -
      Changed Attributes:
      Sam Account Name: -
      Sid History: -

      Security Enabled Local Group Member Removed:
      Member Name: CN=Umar Farook,OU=BranchOffice,DC=MYDOMAIN,DC=com
      Member ID: MYDOMAIN\user1
      Target Account Name: Administrators
      Target Domain: Builtin
      Target Account ID: BUILTIN\Administrators
      Caller User Name: administrator
      Caller Domain: MYDOMAIN
      Caller Logon ID: (0x0,0x1E7466F)
      Privileges: -


      For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

      Security Enabled Local Group Changed:
      Target Account Name: Administrators
      Target Domain: Builtin
      Target Account ID: BUILTIN\Administrators
      Caller User Name: user1
      Caller Domain: MYDOMAIN
      Caller Logon ID: (0x0,0x4587F)
      Privileges: -
      Changed Attributes:
      Sam Account Name: -
      Sid History: -


      Security Enabled Local Group Member Added:
      Member Name: CN=Umar Farook,OU=BranchOffice,DC=MYDOMAIN,DC=com
      Member ID: MYDOMAIN\user1
      Target Account Name: Administrators
      Target Domain: Builtin
      Target Account ID: BUILTIN\Administrators
      Caller User Name: user1
      Caller Domain: MYDOMAIN
      Caller Logon ID: (0x0,0x4587F)
      Privileges: -


      Cheers..
      Last edited by khantmk; 10th June 2009, 07:19.

      Comment

      Working...
      X