GptTmp1.inf File Strange Entries??

[Rhea Urusky]

I am having problems accessing Active Directory Users and Computers on our
Win2000 server. I came across one post that looked at the GptTmp1.inf file.
In our file we have entries for the Administrator group, and the everyone
group, and four other SIDs. Three of them are very similiar to the other
ones and then there are two that are very different. Could it be they are
corrupt or were created by a hacker? The SIDs we have are: *S-1-5-32-547,
*S-1-5-32-551, *S-1-5-32-545, *S-1-5-32-544 and then there are these two:
*S-1-5-21-1960408961-1637723938-1801674531-501 and
*S-1-5-21-2181704846-1638713383-217084109-1119. The first 'weird' one is
listed under SeInteractiveLogonRight and the latter one is the only one that
is listed under SeNetworkLogonRight. The Everyone SID is not listed under
either of these two settings. From what I have read I think the Everyone
group should be listed under these two settings, am I correct? Any help is
most welcome. Thanks.

 

[Tom Ausburne]

The SIDs you listed are as follows:

*S-1-5-32-547 Power Users (Which should be removed in a domain
setting)
*S-1-5-32-551 Backup Operators
*S-1-5-32-545 Users
*S-1-5-32-544 Administrators

243330 Well Known Security Identifiers in Windows 2000
http://support.microsoft.com/?id=243330

These are common SIDs and should not be the source of the problem.

The SeInteractiveLogonRight should have the Everyone group listed
which is *S-1-1-0
The SeNetworkLogonRight by default has The following groups:

*S-1-1-0 Everyone
*S-1-5-11 Authenticated Users
*S-1-5-32-554 BUILTIN\Pre-Windows 2000 Compatible Access
*S-1-5-32-550 Print Operators
*S-1-5-32-549 Server Operators
*S-1-5-32-545 Users

I hope this information helps.

Tom Ausburne (MSFT)
Windows 2000 Directory Services
This posting is provided "AS IS" with no warranties, and confers no
rights.

 

[Rhea Urusky]

I changed the file to have the default values but that hasn't helped. When
I try to access Active Directory Users and Computers I get this error: logon
attempt failed. Naming information cannot be located because configuration
information describing the enterprise is not available. I don't know why
this is happening. I am the only one who has admin rights, but we have had
some backdoor trojans infect the server. We have cleaned the viruses and
nothing is found on the scan now. I don't know if this is corruption from a
virus or not or something I may have done without knowing it. The server is
not used as a server per say, it is used for internet access for the users
on our Novell network as well as for terminal services for users in another
city so we don't do backups on it. I am at a loss as to what to look for or
what to fix to regain access. I remember that the last time I tried to add a
new user I did it the same way I did the others but when I would try to
logon as the new user I would get the error about not being able to logon
interactively. I was at least able to access the add users though. We do
very little administration on this server and because it is a long time in
between adding users it is a learing experience every time it needs to be
done. I'm not even sure that I used active directory to add users, it seems
to me it might have been through local users and groups but I get an error
when I go there because it says it is adomain controller and I have to use
ad. When I get this fixed I will make some documentation for myself! Any
help in what to look for and what to do would be appreciated.

 

[Tom Ausburne]

Check this article and make sure that you have given all the proper
users and groups the correct rights:

257346 "Access This Computer from the Network" User Right Causes
Tools Not to
http://support.microsoft.com/?id=257346

This article may also provide some insight:

323542 You Cannot Start the Active Directory Users and Computers Tool
Because
http://support.microsoft.com/?id=323542

As a last resort look at this article:

329887 You Cannot Interact with Active Directory MMC Snap-Ins
http://support.microsoft.com/?id=329887



Tom Ausburne (MSFT)
Windows 2000 Directory Services
This posting is provided "AS IS" with no warranties, and confers no
rights.