supermario182 Posted August 5, 2009 Posted August 5, 2009 Hello everyone, I am taking over a windows 2008 server for a company that previously hired nerd herds and geek squads to do computer work for them. Currently the computers are all on a workgroup and not joined to the domain, and I would like to fix that. However there is a lot of junk in active directory users and computers, and I need to find out what I can safely delete without messing anything up. Does anyone know if there are users / groups that are required for certain things to work properly? Below is an exported list of things I am not sure about. If anyone can help me figure this out or at least direct me where to find out what is required by the server that would be legen, wait for it ... dary! Thanks Name Type Description User Logon Name Guest User Built-in account for guest access to the computer/domain krbtgt User Key Distribution Center Service Account MagicJack User MagicJack Phone Test Domain User Enterprise Admins Security Group - Universal Designated administrators of the enterprise Enterprise Read-only Domain Controllers Security Group - Universal Members of this group are Read-Only Domain Controllers in the enterprise Schema Admins Security Group - Universal Designated administrators of the schema DnsUpdateProxy Security Group - Global DNS clients who are permitted to perform dynamic updates on behalf of some other clients (such as DHCP servers). Domain Admins Security Group - Global Designated administrators of the domain Domain Computers Security Group - Global All workstations and servers joined to the domain Domain Controllers Security Group - Global All domain controllers in the domain Domain Guests Security Group - Global All domain guests Domain Users Security Group - Global All domain users Group Policy Creator Owners Security Group - Global Members in this group can modify group policy for the domain Read-only Domain Controllers Security Group - Global Members of this group are Read-Only Domain Controllers in the domain Allowed RODC Password Replication Group Security Group - Domain Local Members in this group can have their passwords replicated to all read-only domain controllers in the domain Cert Publishers Security Group - Domain Local Members of this group are permitted to publish certificates to the directory Debugger Users Security Group - Domain Local Debugger Users are non administrators who are allowed to use Visual Studio to debug processes, both locally and remotely. Only trusted users should be added to this group Denied RODC Password Replication Group Security Group - Domain Local Members in this group cannot have their passwords replicated to any read-only domain controllers in the domain DHCP Administrators Security Group - Domain Local Members who have administrative access to DHCP service DHCP Users Security Group - Domain Local Members who have view-only access to the DHCP service DnsAdmins Security Group - Domain Local DNS Administrators Group IIS_WPG Security Group - Domain Local IIS Worker Process Group RAS and IAS Servers Security Group - Domain Local Servers in this group can access remote access properties of users SQLServer2005MSSQLServerADHelperUser$APPS Security Group - Domain Local Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server Active Directory Helper in SQL Server 2005. SQLServer2005MSSQLUser$APPS$SQLEXPRESS Security Group - Domain Local Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server and SQL Server FullText Search in SQL Server 2005. SQLServer2005SQLBrowserUser$APPS Security Group - Domain Local Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server Browser in SQL Server 2005. Terminal Server Computers Security Group - Domain Local List of Terminal Server computers allowed to communicate with the License server TS Web Access Administrators Security Group - Domain Local Members of this group can modify the default TS Web Access Web site TS Web Access Computers Security Group - Domain Local Members of this group can query the list of RemoteApp programs that are available from this terminal server Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.