[scmds]

Okay, this might take a little explaining. I've done a fair amount of research and endless days of experimenting to no avail, so finally it's come to this, I'll begin this novel and hope someone can help me out.

I am currently administering a network of about 75 clients (all xp pro 32-bit sp2 windows machines). We are an AD environment with 3 DC's all running Server 2003, two of those are 32-bit and one 64-bit. All users run as local administrators on their own machines and users on the domain.

Here is my issue. I am trying to add a user to a new machine and add them to the Users Group instead of the Administrators Group. I have tried multiple ways, all not working.

What happens is this:
1. I log in as a domain admin
2. I add the user into the Users Group
3. I log out, then log in as the User (We can call him Max)
4. He is effectively added to the Users Group and cannot make system changes.
5. I log Max out and then log him back in and a new temporary profile is created. The new profile comes up as Mac.domain001
6. Every successive log out/in creates another temporary profile, but non will stick.

I have found other threads explaining a problem with domain vs. local profiles, although following the steps of editing the registry key in profile list hasn't worked as the only profiles I see listed there are the admin profiles and system, network, etc..

So essentially I can't add the user as a member of Users and have the profile stick upon logout/login, but I can add them as a local admininstrator and the account will stick.

I'm sure I missed some things, so let me know if you have any ideas and I'll answer any questions as you have them.

Much thanks,

Steven.