Re: Local Admins
From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam_at_hydro.com)
Date: 11/11/03
- Next message: Paul: ""send to" menu"
- Previous message: Torgeir Bakken (MVP): "Re: can't change security permissions back"
- In reply to: Mr. Fixit: "Local Admins"
- Next in thread: Lee Higdon: "Local Admins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 11 Nov 2003 22:02:34 +0100
Mr. Fixit wrote:
> Management has decided to make all Authenticated Domain users Local Administrators on their office desktop running Win2k and WinXP. Please help me provide information on why this should not be done.
> Any response will be appreciated.
Hi
You could consider using the builtin "NT Authority\Interactive" instead, meaning
everybody logged in interactively (through the console) on the computer.
We add NT Authority\Interactive in the local Administrators group to let all
domain users automatically be local admins when they log on to a computer
interactively (thus avoiding the issue with cross network admin rights that
"Authenticated Domain users ", "Domain Users" or
"NT AUTHORITY\Authenticated Users" will give you).
-- torgeir Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scriptcenter
- Next message: Paul: ""send to" menu"
- Previous message: Torgeir Bakken (MVP): "Re: can't change security permissions back"
- In reply to: Mr. Fixit: "Local Admins"
- Next in thread: Lee Higdon: "Local Admins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
