reset admin password

Home Forums Security General Security reset admin password

This topic contains 8 replies, has 3 voices, and was last updated by  jaumejaume 14 years, 9 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author

  • jaumejaume

    I was wandering thru the site about it, but something I havent read is include as policy on domain an user with admin rights aslocal user thru the policis

    is this correct?


    Please try to write in English, we cannot understand your language. Thanks.


    Daniel, thank you for your kindly words.

    Although, the question remains, (oops thats the currect tense of the verbe?)

    Is possible through the domain policy to include a local admin user on a machine?



    I believe you can control membership of local groups through a GPO but I do not know whether or not that automatically adds members or just removes non-authorised members when the GP is applied



    Awfully just do it, removes but not include, and it makes me wonder, because the logical path is to have full rights over the domain, I’ll kepp trying
    Thnaks TOM


    Yes, you can add domain users to local groups such as the local administrators.


    Daniel, yes, you could do that, after you logged as administrator, I do not why, but in the middle of the issue the server was with his administrator (renamed) blocked….

    but, we recovered another user/password buried somewhere , as always happen……

    After that, yes, you could include, but on the server looking to the domain, not the from the domain, if it were possible, there is no need for any mess, you only need to include on the domain as local policy for the equipment and that is enough, and I tried it,both sides, maybe i made something wrong, but I do not think so

    But, I appreciate the help and the guidance from your site, my main area of expertise is communications, not servers, but i’ll keep reading and if i could help somebody with something i’ll be glad,

    cheers and thanks


    What OS and what SP are you talking about? W2K with SP1 or no SP at all had some problems with the restricted groups feature is GPO.


    Daniel, W2K and SP4 patched updated. Really, if it were possible, you could override local security with domain security, this makes sense to me, but i tested it and doesnt work, maybe I made something wrong, dont know.
    Nevertheless, as soon I have time I make a workbench test with the following configuration

    server logged with an user without rights, as member server of a domain
    in the AD domain server a policy to include users on the member servers, and this users are domain admin users, so , if everything propagates downside, they must be local admin of the member server? this is the end question, if the answer is yes, I made something wrong somewhere, if not, something could not be done, dont know again

    the only way that i included through GPO domain admins to the local admins groups was ake out of domain the server and afer that getting into to the domain, but, to do it you need the local admin, and i made it after I recovered the user/password

    but, as always, put the user admin on the vault, and repeat this as a mantra 100 times

    again, thanks for your time and help, to you maintaing this site and the people who reads this, and unfortunately, my native tongue is not french, it it were so, surely I’ll be gad to help translating the site.


Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.