Jump to content

Domain admin rights not propagating to the user at the workstation lev


ericargyle

Recommended Posts

Ever hear of domain admin rights not propagating to the user at the workstation level when logged in? No changes have been made to default domain policy. Seems to have occurred out of nowhere. Any suggestions on how to fix this? Clearly the joined domain machine recognizes the domain user and authenticates. However, rights do not push. Any help would be excellent.

Of note, it seems to be any new users I create in AD. Previously created admins do pull appropriate rights on logged in workstations. Also, this on consistent on Win7 and WinXP clients. Thanks guys.

Link to comment
Share on other sites


What is in the computer's administrators group ?

There should be domain admins (by default) and so as long your users belong to domain admins group, they should have admins rights on the computer.

How did you found that domains admins don't have admin rights on computers ?

Link to comment
Share on other sites

I ran

net user username \domain

The funny thing is that it tells me I'm a member of the local group: administrators. However, I have no access to control panel, or installing apps, etc.

Any help would be great.

Link to comment
Share on other sites

The net user username /domain doesn't do what you think: it retrieve the user's group membership in AD not locally and that what i asked.

Try running:

net localgroup administrators

It should show users/groups belonging to the local administrators group.

Link to comment
Share on other sites

Thanks Allen. The issue was Domain Admins were in the local admins group, administrators on the domain were not. I pushed it out with Restricted Groups and that did the trick for affected users.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...