Domain Profiles Borked - Can't Grant Admin Rights - HELP!!!
- From: Caine Hörr <chorr@xxxxxxxxxxxxxxxx>
- Date: Tue, 24 Jan 2006 18:05:44 -0800
THE BACK STORY:
Yesterday (1/23/2006) our company experienced a power outage that ultimately brought our network down in a not so graceful manner. Don't ask why the UPS system failed as we don't have an answer to that question either.
We are running a FreeBSD system with an installation of SMB configured as an NT 4.0 domain.
Once power was restored and the system was brought back up, we realized some users could not log onto the network (NT domain) as their accounts had become corrupted due to a non-graceful shutdown of a UNIX (variant) system.
THE CORE PROBLEM:
The individuals that suffered a corrupted domain account are now experiencing a strange desktop (local) issue.
Once we restored their domain access and they logged into their Windows XP Professional SP/2 machine, they noticed the following problems:
* Their profile.DOMAIN was no longer being used - XP created a new profile.DOMAIN.0000
* Their desktop profile has reverted back to a stock XP configuration
* Their files seem to have disappeared
* They could no longer access email via Outlook 2003
* They no longer have Admin Privileges to their machines (ie: inability to configure Outlook, install programs, etc.)
I logged in as the Administrator for each machine and checked the status of their account. Sure enough, local Admin rights were given to each domain user. But when the user was actually logged in, they did not have Admin privleages.
Now, if I log in with a different user who has never logged into the afflicted machine and give them local Admin rights, everything is as it should be.
Furthermore, to rule out the domain server, I had the afflicted user log into a different machine and gave them local admin rights and everything worked flawlessly.
WHAT CAN BE DONE:
So my question is this... Giving the domain user Admin rights to the local machine seems to have no affect, even after I remove the domain user from the local machine, delete the profile.DOMAIN or profile.DOMAIN.0000 directory under C:\Documents & Settings\
I have scanned the Windows registry and everything points to the correct file paths and the AdminUser flag is set to true.
Has anybody seen this before? Is there any way to counter the problem without reformatting/reinstalling Windows?
Thanks in advance.
If you could forward your reply to me email address as well, it would be grealty appreciated.
-- Caine Horr Systems Administrator chorr@xxxxxxxxxxxxxxxx
GroundWork Open Source Solutions http://www.itgroundwork.com
.
- Prev by Date: Re: cipher tool with an imporsonated user
- Next by Date: Re: Remote Attacker?
- Previous by thread: Re: User Permissions
- Next by thread: Re: Remote Attacker?
- Index(es):
Relevant Pages
|
