User being able to add machines to domain

Discussion in 'Microsoft Windows 2000 Deployment' started by Igirisujin, Apr 27, 2005.

  1. Igirisujin

    Igirisujin Guest

    Good morning everyone
    I have a strange one for you and after hours of looking at this issue I
    cannot for the life of me find out why this can happen.
    We thought up until today that we had a very secure network controlled by a
    domain administrator until we discovered that a user (via his vpn had added
    his home pc to the domain. So I replicated this in the office over the
    network using the users ID and password and lo and behold it added my test
    laptop to the domain. I tried this with random usernames and as I expected
    it didnt let them add my test machine on to the domain.

    Anyway I have checked the rogue user's groups and he is only in domain users
    which I have also checked. Please could someone let me know if this is a
    known issue or am I missing something that is glaring me in the face.
    My best wishes to you all and thanks in advance for any help you may be able
    to give me.

    Nick
     
    Igirisujin, Apr 27, 2005
    #1
    1. Advertisements

  2. By default members of the authenticated users group can add 10 computers to
    the domain.
    This article explains it and "Method 3" tells how to change the 10 computer
    limit.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;251335

    hth
    DDS W 2k MVP MCSE

    "Igirisujin" <> wrote in message
    news:426f615c$0$26342$...
    > Good morning everyone
    > I have a strange one for you and after hours of looking at this issue I
    > cannot for the life of me find out why this can happen.
    > We thought up until today that we had a very secure network controlled by
    > a
    > domain administrator until we discovered that a user (via his vpn had
    > added
    > his home pc to the domain. So I replicated this in the office over the
    > network using the users ID and password and lo and behold it added my test
    > laptop to the domain. I tried this with random usernames and as I expected
    > it didnt let them add my test machine on to the domain.
    >
    > Anyway I have checked the rogue user's groups and he is only in domain
    > users
    > which I have also checked. Please could someone let me know if this is a
    > known issue or am I missing something that is glaring me in the face.
    > My best wishes to you all and thanks in advance for any help you may be
    > able
    > to give me.
    >
    > Nick
    >
    >
     
    Danny Sanders, Apr 27, 2005
    #2
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rich

    How to determine which machines have duplicate GUIDs

    Rich, Oct 5, 2003, in forum: Microsoft Windows 2000 Deployment
    Replies:
    0
    Views:
    485
  2. Gregor Cunningham \(Boys & Girls Clubs\)

    Domain User is not User on Local Machine

    Gregor Cunningham \(Boys & Girls Clubs\), Oct 26, 2003, in forum: Microsoft Windows 2000 Deployment
    Replies:
    4
    Views:
    516
    Oli Restorick [MVP]
    Oct 26, 2003
  3. Carlton Whitmore

    How to add domain user to local admin group?

    Carlton Whitmore, Nov 18, 2003, in forum: Microsoft Windows 2000 Deployment
    Replies:
    4
    Views:
    874
    Johan Arwidmark
    Nov 19, 2003
  4. Brian
    Replies:
    4
    Views:
    432
    Nicolas
    Nov 27, 2004
  5. Kenneth Keeley

    Add Domain User to Local Group at time of System Build

    Kenneth Keeley, Dec 13, 2005, in forum: Microsoft Windows 2000 Deployment
    Replies:
    0
    Views:
    489
    Kenneth Keeley
    Dec 13, 2005
Loading...

Share This Page