Re: Adding domain users to local Administrator group

From: Brad Leppla (F0rres7_at_email.uophx.edu)
Date: 05/18/03 

Date: Sun, 18 May 2003 08:25:54 -0600

>You still have not verified that, at the XP, you did join >the machine to
the domain

Other than having the domain name as a selectable item in the logon window
and successfully logging on utilizing the very domain account which I want
to add locally is there another form of verification that I am missing?

Thanks for all your input. I now have two XP machines doing exactly the same
thing but on two different networks. The other network is an AD-integrated
W2K single DC setup. Very wierd.

Brad 

--
Brad Leppla
University of Phoenix Faculty
F0rres7@email.uophx.edu
"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
news:OnSe$aPHDHA.2248@TK2MSFTNGP10.phx.gbl...
> inlined . . .
> "Brad Leppla" <F0rres7@email.uophx.edu> wrote in message
> news:OszurXPHDHA.1548@TK2MSFTNGP12.phx.gbl...
> > I can see the machine name in the domain as displayed on the server.
>
> That only means the computer object exists, and you did say you
> created it.  You still have not verified that, at the XP, you did join
> the machine to the domain.
>
> > I am
> > sure that DNS is configured properly. We are using static TCP/IP
settings
> as
> > a legacy from the workgroup that did not include the W2K3 server DNS
> > (because it did not exist). It is now the only DC running AD inside the
> > domain. But if DNS was an issue, wouldn't W2K Professional workstations
be
> > having the same problem? WinXP is the only one having difficulties
seeing
> > the domain.
>
> Yes, I would think that rules out DNS.
>
> >
> > Haven't tried the policy tweaking on the XP workstation as yet but I
will.
> >
> > Thanks,
> >
> > Brad
> >
> > --
> > Brad Leppla
> > University of Phoenix Faculty
> > F0rres7@email.uophx.edu
> > "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
> > news:ePt3e#MHDHA.1024@TK2MSFTNGP10.phx.gbl...
> > > You mentioned creating the computer object in the domain,
> > > but you did not mention joining the machine to the domain.
> > > I assume that was done, that you can log in with a domain
> > > account, and so you know the machine is in the domain.
> > >
> > > Two things have been interrupting XP at SP1 from interop
> > > with domain control, but for your W2k3 AD I would hope
> > > the second is not an issue.
> > > 1. use the correct DNS server and only DNS servers that
> > >     can locate the AD supporting DNS zone(s)
> > > 2. try disabling the policy on the XP client in the Security
> > >     Settings under Microsoft network client the ones to do
> > >     digital signing (either always or when server agrees)
> > >
> > >
> > > "Brad Leppla" <F0rres7@email.uophx.edu> wrote in message
> > > news:eMZcroHHDHA.2220@TK2MSFTNGP11.phx.gbl...
> > > > All,
> > > >
> > > > I have a twist to the seemingly easy process of adding a domain user
> > > account
> > > > to the local administrator group in WXP Pro that which seems to
evade
> > > > resolution (TechNet is no help). Whenever I attempt this process,
> > clicking
> > > > on the "Locations" button shows ONLY the local workstation, not the
> > > domain.
> > > > In other words, its as if the domain does not exist. Yet, I have
> > > > successfully created, deleted, then recreated the computer account
in
> > the
> > > > domain. Any thoughts? Configuration particulars:
> > > >
> > > > Windows Server 2003 Standard Edition with AD installed
> > > >
> > > > Windows 2000 Professional workstations have no problems adding
domain
> > user
> > > > accounts to local Admin group
> > > >
> > > > Network consists of 17 PCs of various flavors (WinMe, W98, W2K Pro,
> WXP
> > > Pro)
> > > > that existed in a workgroup prior to introduction of W2K3
> > > >
> > > > SP 1 applied to affected XP Pro workstation
> > > >
> > > > DNS configured to allow secure and unsecure dynamic updates
> > > >
> > > > WINS configured on network
> > > >
> > > > My thinking leads me to believe that it has something to do with
local
> > GPO
> > > > on the workstation but I cannot reason out the location or the
> > conditions
> > > > which would affect a resolution. Any help would be appreciated as
our
> > > > migration project is now halted because of this problem.
> > > >
> > > > Thanks,
> > > >
> > > > Brad Leppla
> > > >
> > > > solutions@network-professionals.net
> > > >
> > > >
> > >
> > >
> >
> >
>
>