RE: [ActiveDir] Strange Group Policy Problem

[GRILLENMEIER,GUIDO (HP-Germany,ex1)]

Title: Message

agreed - local policies (or any other policies) don't change "on their own"...  but what I have run into myself is that local (or even domain wide) policies have been changed due to installation of software on a machine.  So you might simply want to check, if you've deployed a special SW or update to the error-prone machines...   /Guido -----Original Message----- From: Rick Kingslan [mailto:[EMAIL PROTECTED] Sent: Samstag, 1. M�rz 2003 03:39 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Strange Group Policy Problem Brad,   Interesting.  I'll be watching as this goes on to see what others suggest and what you find.  As to the direct answers:   Has anyone heard of local policies changing like that on its own?  Absolutely - No.  Never have seen it.   Now, here's the questions:   The easiest explanation is that someone inadvertently changed it.  Denial is an easy, thing to do, but hard to accept.  It happens, and we never WANT to blame our co-workers.  It IS the most obvious answer.  What do YOU think?   What are you auditing for success, failure that would indicate an access?   I'll leave it at that.....   ;o) Rick Kingslan  MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brad Martin Sent: Friday, February 28, 2003 3:17 PM To: Active Directory Mailing List Ok, I don't know how this could have happened, but it just seemed to.  We suddenly could not log in locally to many of our servers, we kept getting a local policy didn't allow access to Log on Locally.  Luckily I had a connection open to one of the servers we couldn't log into and I quickly looked at the Local Security Policy and it listed one of our users as the only one that could log in locally as the Effective Policy Setting.  I quickly looked at the GPOs that were attached to the OU the machines were in (this was affecting around 10 servers) and there were no GPOs applied to it (or higher up the tree, except the Default Domain Policy which was clean.)  I did a secedit /refreshpolicy on the box and it fixed the problem, suddenly we could log in.  I've been pouring through the log files and I can't see any changes to the local security policy, nor is there anything listed on the DCs where someone had added a GPO to the servers OU (then deleted it).  Nobody who could have changed it claims to have made any changes to the OU.  Basically I'm looking to find out, and I feel foolish even asking this, but has anyone heard of local policies changing like that on its own?  Could it have been some kind of strange Active Directory database corruption that then fixed itself?   Brad Martin Go Daddy Software, Inc. 480.505.8800 ext. 250 [EMAIL PROTECTED] http://www.godaddy.com

<<attachment: image001.gif>>