Letting Techs add a computer account to the domain

Archived from groups: microsoft.public.windowsnt.domain (More info?)

We are trying to come up with a way that our PC Techs can add a computer
account to the domain, but not have any other Administrative rights to the
domain. Is there a way to do this with NT Server 4.0?

We have had a breach of security here, since the administrator password was
known. Now that it has been changed the network admin is the only person to
be able to add computers to the domain. We need a way the Techs can do this
instead to speed up the process.
3 answers Last reply
More about letting techs computer account domain
  1. Archived from groups: microsoft.public.windowsnt.domain (More info?)

    A user right exists called "add workstations to domain".

    "Charlie E Roberts" <croberts@#Columbusga.org> wrote in message news:
    > We are trying to come up with a way that our PC Techs can add a
    computer
    > account to the domain, but not have any other Administrative rights to
    the
    > domain. Is there a way to do this with NT Server 4.0?
    >
    > We have had a breach of security here, since the administrator
    password was
    > known. Now that it has been changed the network admin is the only
    person to
    > be able to add computers to the domain. We need a way the Techs can do
    this
    > instead to speed up the process.
  2. Archived from groups: microsoft.public.windowsnt.domain (More info?)

    We have tried to do just that but as a group. We are getting an unknown
    username or bad password error when someone that is a part of that group
    tries to join the domain. Should we do each user individually?

    "Michael Giorgio - MS MVP" wrote:

    > A user right exists called "add workstations to domain".
    >
    > "Charlie E Roberts" <croberts@#Columbusga.org> wrote in message news:
    > > We are trying to come up with a way that our PC Techs can add a
    > computer
    > > account to the domain, but not have any other Administrative rights to
    > the
    > > domain. Is there a way to do this with NT Server 4.0?
    > >
    > > We have had a breach of security here, since the administrator
    > password was
    > > known. Now that it has been changed the network admin is the only
    > person to
    > > be able to add computers to the domain. We need a way the Techs can do
    > this
    > > instead to speed up the process.
    >
    >
    >
  3. Archived from groups: microsoft.public.windowsnt.domain (More info?)

    Try adding domain\ to the user account e.g.,
    mydomain\user.
    "Charles E Roberts" <croberts@#Columbusga.org> wrote in message
    news:8513084F-DAF0-4C11-87A2-B0ECE4961FE1@microsoft.com...
    > We have tried to do just that but as a group. We are getting an
    unknown
    > username or bad password error when someone that is a part of that
    group
    > tries to join the domain. Should we do each user individually?
    >
    > "Michael Giorgio - MS MVP" wrote:
    >
    > > A user right exists called "add workstations to domain".
    > >
    > > "Charlie E Roberts" <croberts@#Columbusga.org> wrote in message
    news:
    > > > We are trying to come up with a way that our PC Techs can add a
    > > computer
    > > > account to the domain, but not have any other Administrative
    rights to
    > > the
    > > > domain. Is there a way to do this with NT Server 4.0?
    > > >
    > > > We have had a breach of security here, since the administrator
    > > password was
    > > > known. Now that it has been changed the network admin is the only
    > > person to
    > > > be able to add computers to the domain. We need a way the Techs
    can do
    > > this
    > > > instead to speed up the process.
    > >
    > >
    > >
Ask a new question

Read More

Domain Computers Microsoft Windows