Announcement

Collapse
No announcement yet.

Adding domain user to local administrator group

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Adding domain user to local administrator group

    hi All,
    i have strange case,
    when i try to add domain user account to local administrator group at member server (both DC and member server are 2008 R2) first time the account added successful,

    now domain account is local administrator at this machine...

    logon using domain account , try to open network seeting or other configuration message appear inform me that i have no privilage.(like normal domain user)

    check local adminstrator group, but i didn't see the domain user that added befroe at local administrator members.

    try to add it again, but message inform me that account already added before.

    note:
    i user hyper-V, both machines from one base disk, sysed prep

    any one have any idea about that

  • #2
    Re: Adding domain user to local administrator group

    You may have a GRoup Policy that is applying 'Restricted Groups' which may be overwriting local settings. Check with the administrator of the OU that the user is located in and see if you need either adding to the Group Policy or a domain group that the user needs to be a member of to get local rights.

    Comment


    • #3
      Re: Adding domain user to local administrator group

      hello pjhutch and thanks for fast reply

      i have not any GP Restrictions,
      Last edited by abdalla; 19th March 2010, 19:47.

      Comment


      • #4
        Re: Adding domain user to local administrator group

        Are these machines cloned?

        I've seen such issues with cloned machines that were not properly cloned (i.e. SYSPREP was not run, or not properly run).
        Cheers,

        Daniel Petri
        Microsoft Most Valuable Professional - Active Directory Directory Services
        MCSA/E, MCTS, MCITP, MCT

        Comment


        • #5
          Re: Adding domain user to local administrator group

          hi,

          Machine disk preparation
          i build virtual machine, windows 2008 R2 file using Hyper-V
          sysprep it and shutdown machine.

          then i crate new diffrenceing Disk and point to disk of windows 2008R2 as aparent disk.


          i think that is may be isue at sysprep tool, because i repert this senario more that 4 times with same result

          Comment


          • #6
            Re: Adding domain user to local administrator group

            In Windows Server 2008/Vista/7/R2, you must run sysprep with the GENERALIZE switch. Otherwise, it will not regenerate SIDs.
            Cheers,

            Daniel Petri
            Microsoft Most Valuable Professional - Active Directory Directory Services
            MCSA/E, MCTS, MCITP, MCT

            Comment

            Working...
            X