PCs losing local security accounts

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Thanks in advance to everyone who replies.

PCs OSes: Windows XP
Server OS: Windows 2000
Domain: Windows 2000 native

Problem: PCs are losing local security accounts. A domain user account is
added on a PC and given Power User or Administrator rights. Approx. 24 hours
later, the machine no longer has the security account setup for that user and
it has to be added again using the local Administrator account. Also the
domain admin and enterprise admin doesn't even have Administrator rights to
PCs out of the gate. They have to be added the same as a normal domain user
account and those accounts are also lost. Also have some accounts on a some
PCs that need to be deleted and when they are and after restarting, they are
still there and won't delete.

Detail:
This actually may be a Windows 2000 AD issue, not sure, but thought I would
start here.

We have several remote sites. Each remote site had a child domain of the
parent domain of our Corp offices. We are in the process of flattening our
child domains to have one parent domain. So we flattened the domain of one
site from child1.domain.com to domain.com. We did this by seperately moving
the computer accounts by moving them from the child domain to a dummie
workgroup and then to the parent domain. The computer accounts appeared to
move fine.
Then we seperately moved all the users using movetree. As this was done, on
each PC for each user their account for the old domain was deleted and an
account for the new domain was added, both being and were set to Power User.
Then after all users were moved to the parent domain, the only domain
controller for the child domain was demoted and then promoted as a member
domain controller of the parent domain. We made the appropriate changes to
reflect the settings for the new domain. And after replication occurred the
old domain was completely gone. But now the PCs at that remote site are
losing their local security accounts. Also, we have one user who travels
between this site and our Corproate offices and has a PC at each site. They
only see this at this remote site and not at our Corporate Offices.

Solutions tried:
*Took PCs out of domain, deleted domain computer accounts, and put them back
in with no change of the problem
*Turned system restore off on PCs for two days with no change in problem -
thought maybe system restore was overwriting the changed part of the registry
that had the new accounts.

I appreciate anything anyone can offer to help me getting close to solving
this issue. Because when those remote site users log on each day, they have
no access to anything and their local security account has to be readded
everyday to correct it. Thanks.

------------------------
I Frag just cuz I can!

Deuce