Print Page | Close Window

Migrated accounts not working properly with GPO.

Printed From: ForensiT
Category: ForensiT Support
Forum Name: Domain Migration
Forum Description: User Profile Wizard questions, suggestions, comments and bug reports
URL: https://forum.ForensiT.com/forum_posts.asp?TID=2058
Printed Date: 28 Mar 2024 at 3:59pm
Software Version: Web Wiz Forums 12.03 - http://www.webwizforums.com


Topic: Migrated accounts not working properly with GPO.
Posted By: FiliP
Subject: Migrated accounts not working properly with GPO.
Date Posted: 01 Jun 2021 at 7:32pm
Hi.
I have big problem with migrated users.
1. I have Active Directory, new user created in AD.
2. Then i migrate local user to new user in domain. No errors. All looks fine but...
3. If for ex I add domain user to any domain group, user on computer (migrated one) still have same privilages.

Nothing changes after restart, logout/login, gpforce /update etc. He will always have same privilages from time when he was migrated. Its like GP is no in sync with compute&user<=>server. Change will set only when i take out computer from domain and add it again. I thing "domain admin account" set in Profile Wizard doing sync in that time.

I've checked it on second computer, the same resoult. But if i use clean new domain user - not migrated one, its all ok, policies from server working and updating normaly. Only migrated are not usable.

So... what happening?



Replies:
Posted By: Support
Date Posted: 03 Jun 2021 at 2:09pm
User Profile Wizard only effects file and folder permissions in the local user profile on the workstation, usually C:\Users\username. In cannot have any effect on domain user accounts or permissions granted through domain groups. (Group permissions are not enforced through Group Policies.)


Posted By: FiliP
Date Posted: 03 Jun 2021 at 4:28pm
This is not the case or i dont understand (eng is not my first language).

Any profile migrated by Profile Wizard will not get any update configuration from Global Policies. Maybe my example was wrong for you, but that was first obvious effect (gpresult /r didnt change on client side). Its all ok on the server.

Real expample: I was mapping drive letter by GPO and making link to it on domain user desktop.

Migrated by PW user didnt get mapped leter on his computer. gpresult didnt show policy is applyed etc.
Not migrated ones working fine.

So, there is any next steps to make after mirating user to domain by Profile Wizard?

Windows Server 2019



Print Page | Close Window

Forum Software by Web Wiz Forums® version 12.03 - http://www.webwizforums.com
Copyright ©2001-2019 Web Wiz Ltd. - https://www.webwiz.net