Author Topic: [solved]Problem with GPO Restricted Groups  (Read 785 times)

acero

  • Zen Apprentice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
[solved]Problem with GPO Restricted Groups
« on: July 07, 2016, 11:28:39 am »
Hello Everyone !
I want to set domain user xxx as local administrator for the all workstations in domian. So I created group Local Admin and add domain user XXX to this group. Next created new GPO named Local Admin GPO and edit Computer configuration\Policies\Windows Settings\Security Settings\Restricted Groups. I added Local Admin group as member of builtin Administrators group and link this GPO. On the clinet workstation I updated GPO ( gpupdate /force ) and saw there is no Local Admin group in the local Administrators group. I checked  winlogon file and saw error 1332 - No mapping between account names and security IDs was done. Cannot find Administrators.

I think the problem is that I used Polish version Windows 7 Pro. In Polish version ther is a group called Administratorzy. I checked this GPO with English Windows system and everything is OK.

I use Zentyal 4.2.2   

How can I solve this problem ?

Update:
I solved this problem editing %systemroot%\SYSVOL\sysvol\<DNS domain name>\Policies\<GUID of GPO>\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf by replace group name to SIDs group.
« Last Edit: July 12, 2016, 11:06:40 am by acero »