Might clear out Control Panel\User Accounts\Credential Manager
--please don't forget to Accept as answer if the reply is helpful--
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Cant remove admin rights for 1 account that was member of domain admins, and restrticted group (built-in admins), it is not a member of aforementioned groups anymore but this account can install and elevate as admin on domain joined comps in what I used it before. new domain joined comps dont recognize him as admin and asks for elevation. Is it some sort of cache or what else? confused(
Might clear out Control Panel\User Accounts\Credential Manager
--please don't forget to Accept as answer if the reply is helpful--
Hi,
Try to confirm if the admincount attribute of the user is still remain one, is yes ,change it back to zero .
When a user / group is removed from a protected group, adminCount attribute value will remain equal to one (1). Also; the owner, ACLs and permission inheritance status (Enabled or Disabled) will remain the same. Change it manually.
Logout and login in again to refresh the group membership.
Best Regards,