Domain users & local machine accounts

[Enkrypted]

We have reps in the field that connect with their laptops to a VPN connection for access to e-mail, etc. Normally I add their domain account to the laptops local administrator group, but after a reboot or two, it disappears. This causes them to have issues connecting to our exchange server. Is there a way to get them to permanently stay on the local machine's administrator group?

Enkrypted
A+

 

[DrB0b]

Exactly how are you currently trying to get them added to the Admin group? Does the account disappear or the Admin Group Privilege?

"Silence is golden, duct tape is silver...

 

[Enkrypted]

I would go through control panel > user accounts and then add the domain account and give administrator priv.

Enkrypted
A+

 

[DrB0b]

Does the entire account disappear or just the Admin Priv?

"Silence is golden, duct tape is silver...

 

[Enkrypted]

It would just disappear from the list. As seen in the images below, the 1st one is where I would add it, then a couple days later (or reboots), it disappears like in the 2nd one.

Enkrypted
A+

 

[DrB0b]

Whats the OS of the laptops that are affected? Is this happening on all laptops? Ive had funky issues with users and domains before, are you logging in with a domain Admin account and creating the field techs accounts are are you creating them with the local laptop's Admin account?

"Silence is golden, duct tape is silver...

 

[Enkrypted]

Windows XP Pro and Windows 7 Pro on the laptops. Yes I'm logging in with a Domain Admin account.

Enkrypted
A+

 

[DrB0b]

Does anything change server side in AD? Does their laptop stay in the Computer and User stay in the User field? Do you have any imaging software locally on the laptops, any registry file blockers or something akin to Spyboy installed?

"Silence is golden, duct tape is silver...

 

[Enkrypted]

Nothing on server side changes at all. Both computer and user remain in Active Directory. Nothing on the laptops that would interfere either, just a couple programs they use for work (Office related products)

Enkrypted
A+

 

[DrB0b]

Not sure of the size of your company, any GPO's that would interfere? Do all drop out after the 1 or 2 reboots? Do they do that while connecting locally too or just when tunneling via the vpn?

"Silence is golden, duct tape is silver...

 

[Enkrypted]

It's a small company. It will happen randomly on the laptops from time to time. It just happens on the laptops that VPN

Enkrypted
A+

 

[DrB0b]

What VPN program are you using?

"Silence is golden, duct tape is silver...

 

[Enkrypted]

Just standard Windows VPN connection

Enkrypted
A+

 

[DrB0b]

Are you setting up the VPN and then the user or the user then the VPN?

"Silence is golden, duct tape is silver...

 

[Enkrypted]

I've tried both ways. Same results.

Enkrypted
A+

 

[DrB0b]

Touche salesman, Have you tried a third party VPN app to see if it is just something quirky with the way the VPN is reacting? There is a multitude of free ones to try, just give it a Google.

"Silence is golden, duct tape is silver...

 

[Enkrypted]

Not yet. I will have to give that a try

Enkrypted
A+

 

[58sniper]

If you have a GPO defined to enforece restricted groups, membership in those groups would revert as soon as the GPO is refreshed. That's a good thing, generally.

http://support.microsoft.com/kb/279301

Do you have your Tek-Tips.com swag? I've got mine! Pick some up at

https://www.advantageemblem.com/PromoItems/ApparelStore.aspx?CategoryId=392

Stop by the new Tek-Tips group at LinkedIn.

http://www.linkedin.com/groups/Networking-TekTipscom-forums-members-3952395