How to restore account

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hi!

This happened to me:

I accidently deleted a user account on our DC.

This account was a normal domain user account, EXCEPT that we had defined
this account a member of local admin group in every single desktop computer
in our networks. And all programs we had installed were installed using that
account´s local user profile.

The result was that even after recreating that same account to domain it had
only gave domain user rights in our desktop computers because that account
had a new SID generated.

We would want to get profile and all data inside it back. And get another
domain user/local admin account.

One idea was make a new local admin profile and copy profile back to there.
BUT when you went to My Computer->System properties-> Advanced->Profiles tab
you see only unknown accounts. And you are unable to copy them to
anywhere(blank).

So my question is is same thing goto windows explorer and copy manually that
user profile than using that profiles tab? And where user profile is actually
saved? Is it really on under Documents and Settings or are there any other
places too? Ex. registry?

What would be easiest thing to get that account back to work? Would it be
possible to do such a script that would create new local admin account and
after that copy deleted profile there?

So I am not going to do autorative restore to AD or any other kind of
operation related to AD to restere that account.

Sorry about my long discussion,

And thank you in advance,

Regards,

Esa





--
-Esa

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Go into C:\Documents and Settings, and manually copy the profile from there.

Matt Gibson - GSEC

"Esa" <Esa@discussions.microsoft.com> wrote in message
news:2C9FFAA5-B3D9-4612-A526-253308621138@microsoft.com...
> Hi!
>
> This happened to me:
>
> I accidently deleted a user account on our DC.
>
> This account was a normal domain user account, EXCEPT that we had defined
> this account a member of local admin group in every single desktop
> computer
> in our networks. And all programs we had installed were installed using
> that
> account´s local user profile.
>
> The result was that even after recreating that same account to domain it
> had
> only gave domain user rights in our desktop computers because that account
> had a new SID generated.
>
> We would want to get profile and all data inside it back. And get another
> domain user/local admin account.
>
> One idea was make a new local admin profile and copy profile back to
> there.
> BUT when you went to My Computer->System properties-> Advanced->Profiles
> tab
> you see only unknown accounts. And you are unable to copy them to
> anywhere(blank).
>
> So my question is is same thing goto windows explorer and copy manually
> that
> user profile than using that profiles tab? And where user profile is
> actually
> saved? Is it really on under Documents and Settings or are there any other
> places too? Ex. registry?
>
> What would be easiest thing to get that account back to work? Would it be
> possible to do such a script that would create new local admin account
> and
> after that copy deleted profile there?
>
> So I am not going to do autorative restore to AD or any other kind of
> operation related to AD to restere that account.
>
> Sorry about my long discussion,
>
> And thank you in advance,
>
> Regards,
>
> Esa
>
>
>
>
>
> --
> -Esa

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hi!

Is everything in profile really saved under \documents and settings? So
nothing saved in registry for example? So it is really the same copy
documents and settings manually?

What would you think could I do a script that add that account to local
admin group, and also copy documents and settings for new admin profile?

Do you think this could be done using Group Policy? Make a logon script and
enable user loopback policy mode. So would there be problems with credentials
if that policy was applied to normal domail account group?

Thanks,

Esa


--
-Esa


"Matt Gibson" wrote:

> Go into C:\Documents and Settings, and manually copy the profile from there.
>
> Matt Gibson - GSEC
>
> "Esa" <Esa@discussions.microsoft.com> wrote in message
> news:2C9FFAA5-B3D9-4612-A526-253308621138@microsoft.com...
> > Hi!
> >
> > This happened to me:
> >
> > I accidently deleted a user account on our DC.
> >
> > This account was a normal domain user account, EXCEPT that we had defined
> > this account a member of local admin group in every single desktop
> > computer
> > in our networks. And all programs we had installed were installed using
> > that
> > account´s local user profile.
> >
> > The result was that even after recreating that same account to domain it
> > had
> > only gave domain user rights in our desktop computers because that account
> > had a new SID generated.
> >
> > We would want to get profile and all data inside it back. And get another
> > domain user/local admin account.
> >
> > One idea was make a new local admin profile and copy profile back to
> > there.
> > BUT when you went to My Computer->System properties-> Advanced->Profiles
> > tab
> > you see only unknown accounts. And you are unable to copy them to
> > anywhere(blank).
> >
> > So my question is is same thing goto windows explorer and copy manually
> > that
> > user profile than using that profiles tab? And where user profile is
> > actually
> > saved? Is it really on under Documents and Settings or are there any other
> > places too? Ex. registry?
> >
> > What would be easiest thing to get that account back to work? Would it be
> > possible to do such a script that would create new local admin account
> > and
> > after that copy deleted profile there?
> >
> > So I am not going to do autorative restore to AD or any other kind of
> > operation related to AD to restere that account.
> >
> > Sorry about my long discussion,
> >
> > And thank you in advance,
> >
> > Regards,
> >
> > Esa
> >
> >
> >
> >
> >
> > --
> > -Esa
>
>
>