Re: Controlling IT manager access?

If he is going to be the domain admin, anything you can do to restrict him
he as a domain admin can undo.

The most important thing to consider when hiring a domain admin is "Can I
trust Him/her".

Hire somebody you can trust.

Otherwise you can set up auditing on the critical files. This could let you
know they have been accessed but it's afterwards.


<decc@xxxxxxxxxxx> wrote in message
I am the business manager for a small business and have been doing all
accounting and IT functions myself. I am considering hiring someone
to take on the majority of these tasks so will need this employee to
perform domain admin functions but I need to restrict access to
payroll and other HR files. Suggestions on how best accomplish this
would be greatly appreciated. The LAN is made up of a single server
running Server 2003 Standard SP2 with 11 XP Pro SP2 PC's.