Help Fix - Account Operator can access domain admin groups/users
From: Staraider (staraider@mydomain.com)Date: 10/10/02
- Next message: Staraider: "Server Manager Access control"
- Previous message: Staraider: "Re: Contingency and Disaster Plan Template -- Word / HTML Format - 10"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Staraider" <staraider@mydomain.com> Date: Thu, 10 Oct 2002 07:47:41 -0400
I have discovered that the Account operator rights ...for some
reason...allows access to add/remove users to the domain admin group and
modify the domain admin users.
Because of this, I can not delegate account op rights to some of my sites.
This only happens in one of my 2 NT4 domains.
I closely examined all the SIDS for the groups and they are the
correct.defaults.
Something at a deep level has been corrupted, over the years, to allow
this.
I plan to migrate to W2K....but I do not want to inherit this problem, I
would like to fix this opposed to build a complete new domain and recreate
all the groups.
1 any help to fix the NT4 problem appeaciated
2 Any suggestion on if this problem would migrate with W2K domain upgrade
- Next message: Staraider: "Server Manager Access control"
- Previous message: Staraider: "Re: Contingency and Disaster Plan Template -- Word / HTML Format - 10"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
