?
=?ISO-8859-1?Q?Caine_H=F6rr?=
THE BACK STORY:
Yesterday (1/23/2006) our company experienced a power outage that
ultimately brought our network down in a not so graceful manner. Don't
ask why the UPS system failed as we don't have an answer to that
question either.
We are running a FreeBSD system with an installation of SMB configured
as an NT 4.0 domain.
Once power was restored and the system was brought back up, we realized
some users could not log onto the network (NT domain) as their accounts
had become corrupted due to a non-graceful shutdown of a UNIX (variant)
system.
THE CORE PROBLEM:
The individuals that suffered a corrupted domain account are now
experiencing a strange desktop (local) issue.
Once we restored their domain access and they logged into their Windows
XP Professional SP/2 machine, they noticed the following problems:
* Their profile.DOMAIN was no longer being used - XP created a new
profile.DOMAIN.0000
* Their desktop profile has reverted back to a stock XP configuration
* Their files seem to have disappeared
* They could no longer access email via Outlook 2003
* They no longer have Admin Privileges to their machines (ie:
inability to configure Outlook, install programs, etc.)
I logged in as the Administrator for each machine and checked the
status of their account. Sure enough, local Admin rights were given to
each domain user. But when the user was actually logged in, they did
not have Admin privleages.
Now, if I log in with a different user who has never logged into the
afflicted machine and give them local Admin rights, everything is as it
should be.
Furthermore, to rule out the domain server, I had the afflicted user
log into a different machine and gave them local admin rights and
everything worked flawlessly.
WHAT CAN BE DONE:
So my question is this... Giving the domain user Admin rights to the
local machine seems to have no affect, even after I remove the domain
user from the local machine, delete the profile.DOMAIN or
profile.DOMAIN.0000 directory under C:\Documents & Settings\
I have scanned the Windows registry and everything points to the
correct file paths and the AdminUser flag is set to true.
Has anybody seen this before? Is there any way to counter the problem
without reformatting/reinstalling Windows?
Thanks in advance.
If you could forward your reply to me email address as well, it would
be grealty appreciated.
--
Caine Horr
Systems Administrator
(e-mail address removed)
GroundWork Open Source Solutions
http://www.itgroundwork.com
Yesterday (1/23/2006) our company experienced a power outage that
ultimately brought our network down in a not so graceful manner. Don't
ask why the UPS system failed as we don't have an answer to that
question either.
We are running a FreeBSD system with an installation of SMB configured
as an NT 4.0 domain.
Once power was restored and the system was brought back up, we realized
some users could not log onto the network (NT domain) as their accounts
had become corrupted due to a non-graceful shutdown of a UNIX (variant)
system.
THE CORE PROBLEM:
The individuals that suffered a corrupted domain account are now
experiencing a strange desktop (local) issue.
Once we restored their domain access and they logged into their Windows
XP Professional SP/2 machine, they noticed the following problems:
* Their profile.DOMAIN was no longer being used - XP created a new
profile.DOMAIN.0000
* Their desktop profile has reverted back to a stock XP configuration
* Their files seem to have disappeared
* They could no longer access email via Outlook 2003
* They no longer have Admin Privileges to their machines (ie:
inability to configure Outlook, install programs, etc.)
I logged in as the Administrator for each machine and checked the
status of their account. Sure enough, local Admin rights were given to
each domain user. But when the user was actually logged in, they did
not have Admin privleages.
Now, if I log in with a different user who has never logged into the
afflicted machine and give them local Admin rights, everything is as it
should be.
Furthermore, to rule out the domain server, I had the afflicted user
log into a different machine and gave them local admin rights and
everything worked flawlessly.
WHAT CAN BE DONE:
So my question is this... Giving the domain user Admin rights to the
local machine seems to have no affect, even after I remove the domain
user from the local machine, delete the profile.DOMAIN or
profile.DOMAIN.0000 directory under C:\Documents & Settings\
I have scanned the Windows registry and everything points to the
correct file paths and the AdminUser flag is set to true.
Has anybody seen this before? Is there any way to counter the problem
without reformatting/reinstalling Windows?
Thanks in advance.
If you could forward your reply to me email address as well, it would
be grealty appreciated.
--
Caine Horr
Systems Administrator
(e-mail address removed)
GroundWork Open Source Solutions
http://www.itgroundwork.com