Re: administrator access without adding to administrators group
- From: Michael Bednarek <mbATmbednarek.com@xxxxxxxxxxxxxxxxx>
- Date: Thu, 10 May 2007 19:05:58 +1000
On Wed, 9 May 2007 12:10:14 -0700, Roger Abell [MVP] wrote in
microsoft.public.win2000.security:
Michael Bednarek wrote in message news:qje34352j7ori0m76p112e3u66u27578hj@xxxxxxxxxx
On Mon, 7 May 2007 09:53:06 -0700, mcp wrote in microsoft.public.win2000.security:
I have created a domain account that I want it to be a local adminitrator on
all servers in the domain. I want to do this without adding the user to the
local administrators group. Is that possible? Is this something that could
be done from the local security policy?
I suspect that generous use of NTRIGHTS might achieve what you have in
mind.
That could certainly cover part of it, not all.
For example, filesystem permissions, registry permissions,
com/dcom component permissions, per-service permissions,
service manager permissions, etc..
I think these can be covered with other command line and/or GUI tools or
WMI/VBS scripts. Still, it seems a perfectly pointless exercise, except
for nefarious purposes.
--
Michael Bednarek http://mbednarek.com/ "POST NO BILLS"
.
- Follow-Ups:
- Re: administrator access without adding to administrators group
- From: Roger Abell [MVP]
- Re: administrator access without adding to administrators group
- References:
- administrator access without adding to administrators group
- From: mcp
- Re: administrator access without adding to administrators group
- From: Michael Bednarek
- Re: administrator access without adding to administrators group
- From: Roger Abell [MVP]
- administrator access without adding to administrators group
- Prev by Date: Re: Encrytion Issue
- Next by Date: update KB867801 keeps repeating
- Previous by thread: Re: administrator access without adding to administrators group
- Next by thread: Re: administrator access without adding to administrators group
- Index(es):
Relevant Pages
|
|
