lost full control on files in re-named domain

[hesevil]

I had a domain running, (PDC on a single server network) and recently demoted it in order to rename it with my FQDM. Since coming back online, all files show what they should for owner and security rights (new domain\administrators), however i am unable to delete or rename them. I have attempted adding new users/administrators into the AD including access to the files/folders but to no avail. The error is 'may be protected or is in access' but neither is true.

Any suggestions?

-Jamieson

 

[FaiTHLeSS]

You should be able to take control of the files/folders when logged in with administrator based account. Right click the folder/files goto security tab and take control with the admin acc, delete any unwanted acc's and add the new acc's on.

 

[Claudek]

Last time I saw something similar to that error, I needed to log in as an administrator and give ownership of all subfolders/files to the Administrators group. Once this was done, I could play around with permissions with no problems.



Claudius (What certifications??)

http://www.iteq.com.au

 

[hesevil]

I am already logged in as the primary administrator. Even under this account I cannot change files. Its very bizarre, and I have yet to remedy it.

Thanx for the info

-Jamieson

 

[mlichstein]

Did you take ownership? Administrators can always take ownership, and then set permissions.

 

[hesevil]

There was no need to 'take' ownership, the administrator was automatically granted said access; however, though listed as the owner, the administrator does not have access to the write functions.

It is very strange, and I believe to be a bug as all required settings are accurately applied. I am going to completely re-install win2k as I cannot determine an other solution.

Thank you everyone for your help,
-Jamieson

 

[Jpoandl]

Eventhough you think "there is no need to take ownership", I suggest that you take ownership anyway.

Yes, it probably shows ADMINISTRATOR as the owner, I think you should at least go through the process of actually taking ownership. There reason is related to SIDs. When you originally had the domain configured, there was a unique ADMINISTRATOR with an associated SID. Now, that you have recreated the domain, the ADMINISTRATOR of this domain actually has a different SID. So, although both user names are ADMINISTRATOR, they are actually different.

Therefore, it might make sense to actually go through the tedious effort of clicking TAKE OWNERSHIP. I know that this might seem way extreme but I think it is worth a shot. If this doesn't work, you can still take the easy route of reinstalling the OS.

...hopeing this helps, I do...

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out

http://www.NJCOMPUTERNETWORKS.com

(Sales@njcomputernetworks.com)

 

[hesevil]

I understand that the description of the SID might be the same, but it is not. The domain name has changed, so instead of 'olddomain\administrators' it shows 'newdomain\administrators', with a completely different, unique SID.

I took ownership though, as a last attempt, and it still is the same. This problem is driving me insane.