Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > Assigning a group in AD to be local admin

Assigning a group in AD to be local admin

Forum Windows 2000/NT : Windows 2000/NT General Discussion - Assigning a group in AD to be local admin

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Derrick   04-08-2005 at 08:25:06 AM

Archived from groups: microsoft.public.win2000.group_policy (More info?)

 

I have a group called "Technicians" in my AD, and I would like to use group
policy or something else so that the member of the "technicians" group will
have administrator right on all computers in computer container. I know only
domain admins is added automatically to the local computer administrator
group when it join domain, how can I set up policy so that any computer added
to my domain the "Technicians" group will have admin right?
The problem I want to resolve is when my technician logon to a machine, he
or she does not have admin right to the computers. Any suggestion? Thanks in
advance.

Derrick

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   04-08-2005 at 12:57:03 PM
- 0 +

Archived from groups: microsoft.public.win2000.group_policy (More info?)

 

Hello Derrick,

You can do two things:
1- You can use Restricted Groups thru GPO
2- You can use startup script thru GPO

If you prefer the first option please read the following articles:
http://www.microsoft.com/technet/p [...] c13f5.mspx
http://support.microsoft.com/kb/835901
http://support.microsoft.com/?kbid=810076

be carefull with use of restricted groups!

personally i prefer the second option and you can use a script like that:

'------------------------------------------------------------'

Set wshNetwork = CreateObject("WScript.Network" )
ComputerName= wshNetwork.ComputerName

localstr="WinNT://" & Computername

Technicians="WinNT://YourDomain/Technicians"

AddToGroup Technicians, "Administrators"

function AddToGroup(member, Grpname)

Dim grp1
Set grp1 = Getobject(localstr&"/"& Grpname,group)
grp1.Add (member)

End Function
'------------------------------------------------------------'
Regards

Reply to Anonymous
Anonymous   04-08-2005 at 03:58:07 PM
- 0 +

Archived from groups: microsoft.public.win2000.group_policy (More info?)

 

On Fri, 8 Apr 2005 02:25:06 -0700, "Derrick" <Derrick@discussions.microsoft.com> wrote:

>I have a group called "Technicians" in my AD, and I would like to use group
>policy or something else so that the member of the "technicians" group will
>have administrator right on all computers in computer container. I know only
>domain admins is added automatically to the local computer administrator
>group when it join domain, how can I set up policy so that any computer added
>to my domain the "Technicians" group will have admin right?
>The problem I want to resolve is when my technician logon to a machine, he
>or she does not have admin right to the computers. Any suggestion? Thanks in
>advance.
>
>Derrick

See tip 3251 and 5319 in the 'Tips & Tricks' at http://www.jsifaq.com

Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > Assigning a group in AD to be local admin
Go to:

There are 1069 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.597 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
How do I win badges?