Re: Disabling local admin account prevents a Domain Admin access

From: Kevin3DR (dont.spam_at_me.com)
Date: 06/08/05

• Next message: Steven L Umbach: "Re: Website Tracking by User"
• Previous message: eddienlaura_at_charter.net: "Website Tracking by User"
• In reply to: Kevin3DR: "Re: Disabling local admin account prevents a Domain Admin access"
• Next in thread: Steven L Umbach: "Re: Disabling local admin account prevents a Domain Admin access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 08 Jun 2005 15:43:18 -0500

I wasn't able to get the full error message previously, as I was
running a batch job, and could test it.

Here it is:

\\server is not accessible. You might not have permission to use this
network resource. Contact the administrator of this server to find
out if you have access permissions.

Logon failure: account currently disabled

On Wed, 08 Jun 2005 13:58:39 -0500, Kevin3DR <dont.spam@me.com> wrote:

>The error message is just a plain Access Denied. It seems that my
>domain account is logging into that server as the local Administrator,
>for some reason, as both Computer Management - Sessions, and Event log
>are showing my login as the local Administrator. The event log entry
>is below.
>
>How do I check to see if the stored credentials match, and how to I
>get my system to logon as the user account?
>
>
>
>
>
>Jun 8 13:33:43 xxxxxxxxxxxxxx
>MSWinEventLog<009>0<009>Security<009>1644392<009>Wed Jun 08 13:33:12
>2005<009>560<009>Security<009>Administrator<009>User<009>Success
>Audit<009>server<009>Object Access<009><009>Object Open: Object
>Server: Security Object Type: File Object Name:
>F:\Dev\User\Green\Drew_Womack-Hey_Daisy.mp3 Handle ID: 1672
>Operation ID: {0,113994271} Process ID: 4 Image File Name:
>Primary User Name: server$ Primary Domain: domain Primary
>Logon ID: (0x0,0x3E7) Client User Name: Administrator Client
>Domain: server Client Logon ID: (0x0,0x6C33D24) Accesses:
>READ_CONTROL ReadData (or ListDirectory) ReadEA ReadAttributes
>Privileges: - Restricted Sid Count: 0 Access Mask: 0x20089
><009>1643575
>
>
>
>
>On Tue, 7 Jun 2005 12:34:49 -0500, "Steven L Umbach"
><n9rou@nospam-comcast.net> wrote:
>
>>What is the exact message that user domain/Green gets when he is denied
>>access?? Auditing of logon events is probably already enabled on the Windows
>>2003 Server so look in the security log to see if a logon failure has been
>>recorded and possibly the reason why. One though is that domain/Green is
>>using an XP Pro computer with stored credentials that match the credentials
>>of the local administrator account on the server. You could also check
>>Computer Management/shared folders - sessions to see as what account
>>domain/Green is connected to the server with when the local administrator
>>account is enabled. --- Steve
>>
>>
>>
>>"Kevin3DR" <dont.spam@me.com> wrote in message
>>news:incba114md7t02l3dmikeguai66ge64pek@4ax.com...
>>>I am running serveral Windows 2003 Servers, and I am having a very odd
>>> problem.
>>>
>>> One one server (not a domain controller), I have the following default
>>> accounts:
>>>
>>> Local Account: Administrator
>>>
>>> Local Group: Administrators: Members: domain\Domain Admins,
>>> Administrator (local)
>>>
>>> Domain Group: Domain Admins: domain/Administrator, domain/Turner,
>>> domain/Green
>>>
>>> The problem is this. When I disable the local administrator account on
>>> the file server, domain/Green is denied access. All my other users, as
>>> well as domain/Turner and domain/Administrator still have complete
>>> access. If I reenable the local administrator account, access for
>>> domain/Green comes back.
>>>
>>> This is a very odd problem does anyone now of a utility to check the
>>> integrity of local security accounts, or have any idea what this could
>>> be?
>>>
>>> Kevin
>>

---

• Next message: Steven L Umbach: "Re: Website Tracking by User"
• Previous message: eddienlaura_at_charter.net: "Website Tracking by User"
• In reply to: Kevin3DR: "Re: Disabling local admin account prevents a Domain Admin access"
• Next in thread: Steven L Umbach: "Re: Disabling local admin account prevents a Domain Admin access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Can not log on to domain controller remotely or locally. ... log on as the local Administrator and schedule a task that ... policy via SECEDIT command line utility) in the security context of the ... local SYSTEM account following the regular reboot. ... to remote desktop into the server and I get the message "To log on to this ... (microsoft.public.windows.server.active_directory) SBS2000 server generating DCOM errors and multiple security events. ... I perform the offline defragmentation successfully and reboot the server. ... The logon to account: DC$ ... Logon Failure: ... incorrect password, or does not exist. ... (microsoft.public.backoffice.smallbiz2000) Re: Disabling local admin account prevents a Domain Admin access ... domain account is logging into that server as the local Administrator, ... are showing my login as the local Administrator. ... Server: Security Object Type: File Object Name: ... Logon ID: Client User Name: Administrator Client ... (microsoft.public.security) Re: Create web applicatio problem ... Is your install account a local administrator, ... a seperated "farm" domain account per the MS accounts reccomendations? ... The "farm" actually is one server - for test purposes... ... sharepoint server, I've included it in both WSS_ADMIN_WPG and WSS_WPG ... (microsoft.public.sharepoint.portalserver) LocalSystem Account Logon Failure ... On a Win2K SP3 Member Server with the following Service ... Logon failure: account currently disabled. ... NTFS permissions have not been modified ... (microsoft.public.win2000.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)