No users in Local Administrators Group

A

am

When attempting to view the members of the local administrators group I see
no users at all, even when in the context of the local administrators
account. If I attempt to add an account to the group that I know is in there
already, I receive the following message:

"Username" is already a member of group "Administrators".

I've also tried running a script to enumerate the users in local
administrators group and this returns no results.

Any ideas how I can resolve this?
 
A

am

I knocked up a C# app that calls NetLocalGroupGetMembers but this returns 87
(ERROR_INVALID_PARAMETER) when the groupname parameter = "administrators".
When groupname = "users" the function returns 0 (ERROR_SUCCESS), indicating
that it is succesful.
 
A

am

I've done some further debugging of the NetLocalGroupGetMembers API and looks
like it calls LsarLookupSids2 (translates SIDS into names), which fails -
returning C000000D (STATUS_INVALID_PARAMETER in ntstatus.h). This then gets
translated to 87 (ERROR_INVALID_PARAMETER in winerror.h) before being
returned by NetLocalGroupGetMembers.

Running "net localgroup administrators" returns :

Alias name administrators
Comment Administrators have complete and unrestricted access to the
computer/domain
System error 87 has occurred.

The parameter is incorrect.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Vista no enabled user in administrators group?? 4
Local Power User on domain 1
Local Group added to local Administrators group 2
Removing local users from local administrator group 6
Domain User can't login unless it has local Administrators right 0
Administators group confusion 3
Local Administrators Group prevent Group Policy to apply 2
Please help, no administrator access! 4

Top