Jump to content
Forum²

Recommended Posts

Posted

Hello everyone,

I am taking over a windows 2008 server for a company that previously hired nerd herds and geek squads to do computer work for them. Currently the computers are all on a workgroup and not joined to the domain, and I would like to fix that. However there is a lot of junk in active directory users and computers, and I need to find out what I can safely delete without messing anything up. Does anyone know if there are users / groups that are required for certain things to work properly? Below is an exported list of things I am not sure about. If anyone can help me figure this out or at least direct me where to find out what is required by the server that would be legen, wait for it ... dary!

Thanks

 

Name Type Description User Logon Name

Guest User Built-in account for guest access to the computer/domain

krbtgt User Key Distribution Center Service Account

MagicJack User MagicJack Phone

Test Domain User

Enterprise Admins Security Group - Universal Designated administrators of the enterprise

Enterprise Read-only Domain Controllers Security Group - Universal Members of this group are Read-Only Domain Controllers in the enterprise

Schema Admins Security Group - Universal Designated administrators of the schema

DnsUpdateProxy Security Group - Global DNS clients who are permitted to perform dynamic updates on behalf of some other clients (such as DHCP servers).

Domain Admins Security Group - Global Designated administrators of the domain

Domain Computers Security Group - Global All workstations and servers joined to the domain

Domain Controllers Security Group - Global All domain controllers in the domain

Domain Guests Security Group - Global All domain guests

Domain Users Security Group - Global All domain users

Group Policy Creator Owners Security Group - Global Members in this group can modify group policy for the domain

Read-only Domain Controllers Security Group - Global Members of this group are Read-Only Domain Controllers in the domain

Allowed RODC Password Replication Group Security Group - Domain Local Members in this group can have their passwords replicated to all read-only domain controllers in the domain

Cert Publishers Security Group - Domain Local Members of this group are permitted to publish certificates to the directory

Debugger Users Security Group - Domain Local Debugger Users are non administrators who are allowed to use Visual Studio to debug processes, both locally and remotely. Only trusted users should be added to this group

Denied RODC Password Replication Group Security Group - Domain Local Members in this group cannot have their passwords replicated to any read-only domain controllers in the domain

DHCP Administrators Security Group - Domain Local Members who have administrative access to DHCP service

DHCP Users Security Group - Domain Local Members who have view-only access to the DHCP service

DnsAdmins Security Group - Domain Local DNS Administrators Group

IIS_WPG Security Group - Domain Local IIS Worker Process Group

RAS and IAS Servers Security Group - Domain Local Servers in this group can access remote access properties of users

SQLServer2005MSSQLServerADHelperUser$APPS Security Group - Domain Local Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server Active Directory Helper in SQL Server 2005.

SQLServer2005MSSQLUser$APPS$SQLEXPRESS Security Group - Domain Local Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server and SQL Server FullText Search in SQL Server 2005.

SQLServer2005SQLBrowserUser$APPS Security Group - Domain Local Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server Browser in SQL Server 2005.

Terminal Server Computers Security Group - Domain Local List of Terminal Server computers allowed to communicate with the License server

TS Web Access Administrators Security Group - Domain Local Members of this group can modify the default TS Web Access Web site

TS Web Access Computers Security Group - Domain Local Members of this group can query the list of RemoteApp programs that are available from this terminal server

  • 2 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...