|
Posted by Steven L Umbach on April 11, 2006, 6:50 pm
Please log in for more thread options If you mean that the user is logging onto the domain instead of local
computer you will need to add the user's "domain" account to the local
administrators group on the member server. It would not matter what password
is used as it is group membership that determines who is a local
administrator. You can use the command net localgroup administrators to see
what users/groups are in the local administrators group. If you change a
user's group membership make sure that the user logs of and logs on again to
update his security token with the change in group membership. Also if there
are DNS problems in the domain you will experience unexpected results when
domain users logon to member servers. The support tools dcdiag [domain
controllers only] and netdiag can help troubleshoot such along with checking
the logs via Event Viewer for errors/warnings such as userenv that can
indicate problems finding or contacting a domain controller. --- Steve
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382 --- AD
DNS FAQ
>I have two Windows Server 2003 R2 servers setup. One is the domain
> controller. Both administrator accounts have the same password. On my
> server that is not the domain controller, when I join the domain, the
> administrator account cannot change any of the security settings for
> any of the folders.
>
> This happens if I set the administrator's login domain to the domain
> controller or to the local computer. When I remove the second server
> from the domain and return it to a workgroup, the administrator account
> can make changes to the security settings.
>
> This second server was upgraded from a Windows Server 2000 by inserting
> the 2003 R2 CD. Why can I not make changes to any of the folder
> security settings after the computer joins the domain?
>
> Any help would be greatly appreciated.
> AD
>
| 
XML Sitemap