I am wondering if there are ACLs defined on the group itself or the OU above to prevent you from seen it. Do you see it as the Administrator account of the domain?
M@
On 8/14/06, Han Valk <[EMAIL PROTECTED]> wrote:
Problem is I don't see it anymore in the BUILTIN container. Strange thing is
that if I look at the security of the domain object in ADUC Incoming Forest
Trust Builders is there.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto: [EMAIL PROTECTED]] On Behalf Of
> Matheesha Weerasinghe
> Sent: Monday, August 14, 2006 10:22
> To: ActiveDir@mail.activedir.org
> Subject: Re: [ActiveDir] Recreate BUILTIN\Incoming Forest
> Trust Builders
>
> I dont think so. objectsid attribute is a systemonly
> attribute. Personally I am impressed of that "smart
> co-worker" that managed to delete it. According to the AD
> Delegation appendices
> http://www.microsoft.com/downloads/details.aspx?FamilyID=29dba
e88-a216-45f9-9739-cb1fb22a0642&DisplayLang=en >
<http://www.microsoft.com/downloads/details.aspx?FamilyID=29db
ae88-a216-45f9-9739-cb1fb22a0642&DisplayLang=en> its not > possible to move
delete rename this group.
>
> May be he exploited the dynamic objects feature in Windows
> 2003 RTM?
> http://blogs.dirteam.com/blogs/tomek/archive/2006/06/23/1175.aspx
>
>
> M@
>
>
>
> On 8/14/06, Han Valk <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> A smart co-worker deleted the BUILTIN\Incoming Forest
> Trust Builders group.
> Is it possible to recreate this group with the same
> well known SID?
> Authoritative restore is out of the question,
> deletetion is too long ago.
>
> Han Valk.
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ml/threads.aspx
>
>
>
>
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
