Adding workstations to domains

Toggle sidebar Toggle sidebar
E

Ed

Distinguished
Apr 1, 2004
1,253
0
19,280
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Hello all,

For security purposes, I have trimmed the members of the Domain Admins group
accross all domains to only a select few. When doing this, ex-members of
that group are no longer able to add machines to the domain. In Default
Domain Policy and Default Domain Controllers Policy | User Rights Assignment,
I have added these users to the "Add workstations to the Domain" policy, but
it still doesn't work. I have also Delegated control to the Computers
container so they have the right to write.

What am i missing? I need these users to be able to add machines to the
domain without them having domain admin rights. Thanks.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Hi Ed

This might help:

251335 Domain Users Cannot Join Workstation or Server to a Domain
http://support.microsoft.com/?id=251335

Specifically, method 2.

Just a thought.

Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.

"Ed" <Ed@discussions.microsoft.com> wrote in message
news:807E600D-9805-4DDF-B1E5-F2803960EFCE@microsoft.com...
> Hello all,
>
> For security purposes, I have trimmed the members of the Domain Admins
> group
> accross all domains to only a select few. When doing this, ex-members of
> that group are no longer able to add machines to the domain. In Default
> Domain Policy and Default Domain Controllers Policy | User Rights
> Assignment,
> I have added these users to the "Add workstations to the Domain" policy,
> but
> it still doesn't work. I have also Delegated control to the Computers
> container so they have the right to write.
>
> What am i missing? I need these users to be able to add machines to the
> domain without them having domain admin rights. Thanks.
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom