Jim Lawrence
accessd at shaw.ca
Mon Oct 25 20:35:06 CDT 2010
This is one issue with Active directory as far as I know. Once the base account is created that can not be removed. The password can be changed but the account itself can not be removed unless Active Directory is totally removed and then re-installed... One of those Windows security things. That is according to a server guru friend...I have never ran into that specific problem with AD. Jim -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Steve Erbach Sent: Monday, October 25, 2010 4:08 PM To: Discussion of Hardware and Software issues Subject: Re: [dba-Tech] Linked logins to Windows Server 2003 Jim, OK...but that doesn't explain the apparent link between the accounts. Different user names, different passwords. But when I try to Disable the guru's account, the owner's account can't log in. Are we talking some sort of aliasing here? I didn't try to delete the account; I just changed the password and then I thought I'd Disable it. I'm content if I can't delete it. Steve Erbach On Thu, Oct 21, 2010 at 11:02 AM, Jim Lawrence <accessd at shaw.ca> wrote: > Hi Steve: > > The most you can do is change the password of the previous 'person of > interest'. You can not delete the account. That is how Active-Directory > works...so no one can screw with it. Ultimate security has its price. > > The only real way to change the account is to re-install. Been there done > that. > > Sorry Steve. > > Jim > > > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Steve Erbach > Sent: Wednesday, October 20, 2010 6:25 PM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Linked logins to Windows Server 2003 > > Dear Group, > > The network "guru" that an old client of mine had hired to install his > Windows Server 2003 Enterprise has taken himself out of the game. > Suffice it to say that he's in trouble with the law and probably won't > be returning. > > I've taken over as de facto network guy. I have a horseback knowledge > of Windows Server 2003 and I've learned a fair amount in the past two > weeks. But I ran into something odd regarding user accounts. > > The felon -- I mean the network guru -- had set up a user account for > himself, of course. I recently changed its password. But I also > tried to disable the account from the Active Directory Users and > Computers application: Action | Disable. > > When I did that, however, the owner of the company could no longer log > in. When I re-enabled the felon's account, the owner could log back > in. > > My question is: what kind of linking can there be between user > accounts that would accomplish this kind of symbiosis or parasitic > behavior? I want to disable the guy's account but, apparently, I > can't. > > Any ideas? > > Regards, > > Steve Erbach > Neenah, WI _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com