Announcement

Collapse
No announcement yet.

add AD user as local admin?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • add AD user as local admin?

    Server 2008

    I want to give local administrator rights in a group of computers to one of my AD users, how do I do that using GPO?

    Someone mentioned "Restricted Groups", is that the lead?

    Thanks

  • #2
    Re: add AD user as local admin?

    Yups, restricted groups is a way you can use.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: add AD user as local admin?

      Originally posted by Joel-IT View Post
      Server 2008

      I want to give local administrator rights in a group of computers to one of my AD users, how do I do that using GPO?

      Someone mentioned "Restricted Groups", is that the lead?

      Thanks
      I guess its not possible. Local Admin see only objects located on local machine like Guest user or local admin.

      Comment


      • #4
        Re: add AD user as local admin?

        Sorry, but that is absolute rubbish.
        It has always been possible to add domain accounts to the local admin group of a domain member computer.

        One of the easiest ways is to use restricted groups, where the membership is specified in a group policy and all other members are removed from the local admin group.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: add AD user as local admin?

          It works!!!

          Instead of adding users to the local admin group one-by-one in 80 computers I just created that "Restricted Groups" GPO and it worked like a charm!!

          You guys are awesome, thank you!

          Comment

          Working...
          X