Sign in with
Sign up | Sign in
Your question

Deleted users completely disappear

Last response: in Windows 2000/NT
Share
June 30, 2004 10:09:59 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Hi-
I administer an NT4 resource domain. There are 3 NT4
master domains and 1 W2K AD domain. On our domain
controllers we have local groups that contain many users
from those other 4 domains.
Somehow the LDAP system that populates the resource
domains partially "unpopulated" those domains. In other
words, a bunch of accounts got deleted. How or why that
happened is irrelevent but.....
Instead of those deleted accounts showing up as SIDs
or "Account Unknown" in our groups, they were just simply
gone.
The accounts in the master domains were restored by
bringing back the SAM from backup but the users didn't
end up back in my groups and now I have to manually add
them all.
In the past, when a user was deleted from one of the
master domains, they would be represented in my groups as
SIDs or "Account Unknown" but for some reason this seems
to have changed about a year and a half ago. It didn't
occur to me that it would make any difference until now.
Does anyone know what would cause this or if there is
something I can do to change that behavior?
By the way, it also happened on the member servers in our
domain. The Central IT people swear that servers in
other resource domains didn't behave this way.
Thanks for any help.
Anonymous
July 1, 2004 2:53:04 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

This behavior is by default. How can you
expect the account to be "retained" when
it is deleted from the SAM? The "account
unknown" will only appear when the account
is there but the link to the account is missing
i.e., communication to a DC where the account
resides is missing. I don't know of any way to
change this behavior..

"Charlie" <anonymous@discussions.microsoft.com> wrote in message
news:23e3c01c45f08$21074c40$a301280a@phx.gbl...
> Hi-
> I administer an NT4 resource domain. There are 3 NT4
> master domains and 1 W2K AD domain. On our domain
> controllers we have local groups that contain many users
> from those other 4 domains.
> Somehow the LDAP system that populates the resource
> domains partially "unpopulated" those domains. In other
> words, a bunch of accounts got deleted. How or why that
> happened is irrelevent but.....
> Instead of those deleted accounts showing up as SIDs
> or "Account Unknown" in our groups, they were just simply
> gone.
> The accounts in the master domains were restored by
> bringing back the SAM from backup but the users didn't
> end up back in my groups and now I have to manually add
> them all.
> In the past, when a user was deleted from one of the
> master domains, they would be represented in my groups as
> SIDs or "Account Unknown" but for some reason this seems
> to have changed about a year and a half ago. It didn't
> occur to me that it would make any difference until now.
> Does anyone know what would cause this or if there is
> something I can do to change that behavior?
> By the way, it also happened on the member servers in our
> domain. The Central IT people swear that servers in
> other resource domains didn't behave this way.
> Thanks for any help.
>
Anonymous
July 1, 2004 3:02:33 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Sounds normal to me. When you get the "sid" or "account unkown" it means
that the account has been deleted but still tied to the resource. There is
no way to use it when you get this type of behavior because the account is
gone.

--
Scott Harding
MCSE, MCSA, A+, Network+
Microsoft MVP - Windows NT Server

"Michael Giorgio - MS MVP" <Michael.Giorgio@NoSpam.mayerson.com> wrote in
message news:%23v1znu3XEHA.2944@TK2MSFTNGP11.phx.gbl...
> This behavior is by default. How can you
> expect the account to be "retained" when
> it is deleted from the SAM? The "account
> unknown" will only appear when the account
> is there but the link to the account is missing
> i.e., communication to a DC where the account
> resides is missing. I don't know of any way to
> change this behavior..
>
> "Charlie" <anonymous@discussions.microsoft.com> wrote in message
> news:23e3c01c45f08$21074c40$a301280a@phx.gbl...
> > Hi-
> > I administer an NT4 resource domain. There are 3 NT4
> > master domains and 1 W2K AD domain. On our domain
> > controllers we have local groups that contain many users
> > from those other 4 domains.
> > Somehow the LDAP system that populates the resource
> > domains partially "unpopulated" those domains. In other
> > words, a bunch of accounts got deleted. How or why that
> > happened is irrelevent but.....
> > Instead of those deleted accounts showing up as SIDs
> > or "Account Unknown" in our groups, they were just simply
> > gone.
> > The accounts in the master domains were restored by
> > bringing back the SAM from backup but the users didn't
> > end up back in my groups and now I have to manually add
> > them all.
> > In the past, when a user was deleted from one of the
> > master domains, they would be represented in my groups as
> > SIDs or "Account Unknown" but for some reason this seems
> > to have changed about a year and a half ago. It didn't
> > occur to me that it would make any difference until now.
> > Does anyone know what would cause this or if there is
> > something I can do to change that behavior?
> > By the way, it also happened on the member servers in our
> > domain. The Central IT people swear that servers in
> > other resource domains didn't behave this way.
> > Thanks for any help.
> >
>
>
Anonymous
July 1, 2004 6:28:50 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

You are correct I was thinking local accounts.
I would think someone had to manually remove
the "account unknown" icons.

"Scott Harding - MS MVP" <scrockel@**NO_SPAM**hotmail.com> wrote in
message news:
> Sounds normal to me. When you get the "sid" or "account unkown" it
means
> that the account has been deleted but still tied to the resource.
There is
> no way to use it when you get this type of behavior because the
account is
> gone.
>
!