It sounds like there might be a restricted group policy being applied to the
workstation. That would correspond to the accounts being removed when you
reboot the machine because the policy would be re-applied. I would suggest
checking any GPO's that would apply to the machine for restricted group
policies for the groups you are interested in.
You can check which policies you are getting security settings from by
running "gpresult /v" at a command prompt.
The policy of interest would be in the following path:
Computer Configuration\Windows Settings\Security Settings\Restricted Groups
295771 SMS: A "Restricted Group" Policy May Prevent SMS Clients from Being
http://support.microsoft.com/?id=295771
320045 HOW TO: Restrict Group Membership By Using Group Policy in Windows
2000
http://support.microsoft.com/?id=320045
--
Gary Mudgett, MCSE, MCSA
Windows 2000/2003 Directory Services
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
Bill said:
Thanks for your response Jerold.
Logged in as local Administrator, I added them using Computer Management,
Local Users and Groups, Right-click on <group>, Add to Group, Add, then
selecting domain user group or role, e.g. Domain Users or Authenticated
Users.
is not there after the workstation restarts. I have searched through the AD
Policy settings on the w2k SBS and can't find anything which might be
resetting this. The default AD Group Policy settings are all 'not
configured'. There are no other Policies further down the AD tree. Two
questions:
