Re: Domain Users to have Local Admin rights
- From: "Miha Pihler [MVP]" <mihap-news@xxxxxxxxxxx>
- Date: Fri, 28 Apr 2006 22:23:08 +0200
Hi,
Brooster posted a solution to your question.
What I would like to add is a warning against using domain administrator
accounts to logon to user computers.
So simply put -- don't use accounts that have domain administrator
permissions for logging on to client computers. Use these accounts only for
working on domain controllers.
For logging on to client computers create new accounts (e.g. admin-mike,
admin-greg, etc) and add them to a group called e.g. Help Desk. Now add this
group to Local Administrator group by using solution proposed by Brooster.
--
Mike
Microsoft MVP - Windows Security
"RedPenguin" <redpenguin@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1254qjd2uso6j84@xxxxxxxxxxxxxxxxxxxxx
Ok we recently installed Microsoft Server 2003 Enterprise Edition on our
PC. The whole domain is working and everyone has thier own login that
works. The only thing is, those users do not have local admin privledges
on the PCs they logon to.
We wish to have a handful of users, HelpDesk, that when they login to any
machine, they automatically get admin privledges on the workstation.
We tried playing with Group Policy Editor but nopthing at all will work.
.
- Follow-Ups:
- Re: Domain Users to have Local Admin rights
- From: RedPenguin
- Re: Domain Users to have Local Admin rights
- References:
- Domain Users to have Local Admin rights
- From: RedPenguin
- Domain Users to have Local Admin rights
- Prev by Date: Re: Domain Users to have Local Admin rights
- Next by Date: Re: format of service principal name (SPN)
- Previous by thread: Re: Domain Users to have Local Admin rights
- Next by thread: Re: Domain Users to have Local Admin rights
- Index(es):
Relevant Pages
|
