Windows 10 Permission issue with Domain Admin

By | August 12, 2015

You may not able to manage Windows 10 with your administrator account member of Domain Admin, as we all know if Windows 10 joined to Domain then Domain admin has an administrator permission to manage the system

When you try to do any activity which require admin rights, end up with below error

“C:\Windows\system32\rundll32.exe

Windows cannot access the specified device, path, or file.  You may not have the appropriate permissions to access the item.”

Several spots where I received above error message, even I can’t open Personalize > Themes > Desktop Icon Settings, unable to open Windows 10 Edge, File rights and access issues

Also Read: Troubleshooting Tips for Windows 7, 8.1 and Windows 10 Slowness Problems

Surprisingly no issue with the local admin account, I can able to do all above work with local administrator account

Even Domain user account member of Local administrator group can able to manage the machine and only issue with the user member of Domain Admin group

Why My Domain Administrator has no permissions and Local Admin has permissions

Microsoft designed like this to product your system from malware, need to elevate to do all admin work for security reason

Also Read: Windows 10 compatibility with Windows Server 2003

Solution through Group Policy:

Open gpedit.msc (Group Policy Editor)

Browse to Computer Configuration-Windows Settings-Security Settings -Local Policies-Security Options

Enable “User Account Control: Admin Approval Mode for the Built-in Administrator account”,

Restart workstation

Solution Through registry:

Open regedit

HKEY_LOCAL_MACHINE – SOFTWARE-Microsoft-Windows-Currentversion-Policies- System

EnableLUA is set to1

Restart workstation

Hope this will resolve Windows 10 permission issue with Domain Admin

Also Read: Windows 10 Keyboard Shortcuts Tricks and Tips

13 thoughts on “Windows 10 Permission issue with Domain Admin

  1. Speckbrot3000

    Couldn’t figure out wth… thought maybe some old leftover group policies might be interfering. But this did the trick, thanks! 🙂

    Reply
  2. Lyle G

    Thanks for the detailed suggestion! I struggled with this for a couple hours before stumbling upon this post. The first suggestion (Group Policy Editor) was the trick. I did browse through the registry, but the suggested key was already modified.

    Reply
  3. Ahmad

    Hello,

    Thank you so much for that! I have been searching around for a while with no avail, you saved my life =)

    Reply
  4. Manu

    Man, you rock ! I’ve searched all over the web for a solution, and finally there you were ! I had read something regarding the Registry option, but my registry was already correct, so it’s your Group Policy solution that did the trick for me. Thanks !

    Reply
  5. Muqtar

    Dear All,

    i would prefer easy solution to the above problem

    the solution is

    Export the MSlicensing from the old Window 7 (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing) and save it on the WIN 7 PC/Laptop

    copy the exported MSlicensing to a stick

    paste on the new PC/Laptop windows 10 which has problem with Remote error

    Run it (simple double click)

    problem should be solved

    Reply
  6. ericm

    Hi
    I have just upgraded to a windows 10 pro machine. I use domain admin login but use a different user network folder to save my documents etc eg john test. This is handy when i want to test local user settings permissions but still access my normal desktop and docs.
    I can open the user folder logging as admin but cannot save any changes, it comes up with a permissions error.
    If i log on with john test account it is fine.
    I have used this logon method with win7,8 and 8.1 and it works fine. I am logged on as domain admin not local admin.
    The permissions are set to share/and permissions with all domain admin accounts from both the server side and the same permissions are reflected in the security tab on wind 10 machine.
    i have tried the gpedit solution listed above but no luck.
    All other network shared drives are fine (these are on different servers but are on any domain)
    Any ideas

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *