+ Post New Thread
Results 1 to 2 of 2
Windows Server 2008 R2 Thread, Change to Built-in Admins in Technical; It appears during the early hours of the morning at the weekend, the Enterprise Admins group was removed from the ...
  1. #1

    Join Date
    Dec 2009
    Posts
    245
    Thank Post
    5
    Thanked 28 Times in 26 Posts
    Rep Power
    13

    Change to Built-in Admins

    It appears during the early hours of the morning at the weekend, the Enterprise Admins group was removed from the Built-in Administrators group of a child domain with event ID 4733 being generated.

    There apepar to be no user login event generated around this time. I have tracked down the DC that apparently made the change, but can find no obvious reason as to why this would happen.

    I am currently running various AV and malware checks, but just wondered if anyone had experienced this before?

    I can obviously now put the group back, but without knowing the cause, can't gurantee it won't happen again.

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    I've not seen that before, but I'd certainly recommend changing all domain admin passwords immediately just to be safe.

SHARE:
+ Post New Thread

Similar Threads

  1. Movig to LGFL2 what changes to make in server?
    By lionsl2005 in forum Windows Server 2008
    Replies: 5
    Last Post: 20th March 2013, 02:57 PM
  2. Replies: 5
    Last Post: 8th November 2010, 05:42 AM
  3. Replies: 6
    Last Post: 8th September 2009, 05:59 PM
  4. problem saving changes to front page in IE7
    By e_g_r in forum EduGeek Joomla 1.0 Package
    Replies: 5
    Last Post: 30th April 2008, 03:22 PM
  5. Script to change user email in AD (or Exchange)
    By SpuffMonkey in forum Scripts
    Replies: 16
    Last Post: 8th November 2005, 10:31 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •