Win2k SP problems in general...
From: Ralph H Carothers III (carothersr@SURGENT.COM)Date: 08/13/01
- Previous message: Drakar Pty Ltd: "Free online service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <8081B7FB56BBF64E9864CDD39A6F7166170BC6@MAIL1> Date: Mon, 13 Aug 2001 14:54:22 -0400 From: Ralph H Carothers III <carothersr@SURGENT.COM> Subject: Win2k SP problems in general... To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I dont know if I sent this to the right place, but I know that on my network
here we have an issue with account policies period.
The Active Directory will not allow me to read it correctly. I might be
horrid at explaining this...but here goes:
With no service packs, my Domain server was fine. It would allow me to
allow local account policies to group domain accounts. (For instance, I
would open up my local account grouping of Administrators. (Not the account
Administrator, the actual group Administrators, it will also do the same for
power users etc.)
I would then hit ADD USERS, select the domain (for example: hq.blahblah.com)
and pick the accounts I wanted to give local Admin access to so that they
could then install programs, etc.
I would hit ok, it would say it could not find the specified domain, and
then I would get booted back to the account names under the local admin
group. All of the accounts I added would be there but with like naming such
as:
\\3213-32132-32343-1245\domainusername
Once you hit ok, and then re-open the Admin group again, the accounts are
listed as something such as:
\\blahblah\domainusername
Not \\hq.blahblah.com\domainusername as they should be.
If you upgrade your service pack...forget EVER adding anymore local users.
I've had this on an NT 4.0 network. (SP6a) I've had it on a Native win2k
network with no service packs, and SP 1 and SP 2.
The only way you can change local groups to give domain users those rights
locally is through Group Policies applied to them directly, or to do it
directly before you upgrade the service packs. (A pain because you then need
a re-install for each new user.)
Unfortunatly, the Group Policies will sometimes also not take if this bug is
active.
-Ralph H Carothers III
============================================================================
Delivery co-sponsored by Trend Micro, Inc.
============================================================================
TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE
If you are worried about email viruses, you need Trend Micro ScanMail for
Exchange. ScanMail is the first antivirus solution that seamlessly
integrates with the Microsoft Exchange 2000 virus-scanning API 2.0. ScanMail
ensures 100% inbound and outbound email virus scanning and provides remote
software management. Download a FREE 30-day trial copy of ScanMail and find
out why it is the best:
http://www.antivirus.com/banners/tracking.asp?si=8&BI;=240&UL;=/smex2000
============================================================================
- Previous message: Drakar Pty Ltd: "Free online service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
