Location: Mail List

Ads

Skyscraper

The GPTalk Mailing List

The GPTALK mailing list is where you can send and receive email related to Windows Group Policy. You must subscribe to the list to send and receive mail from the list. The purpose of the list is to provide a forum for asking and answering technical questions related to Group Policy. Any question is fair game as long as it is related to Windows Group Policy.  The Archives for this list can be found on this page.

 

List Posts

Forums >GPTalk >GPTalk Mailing List
Subject: [gptalk] Domain User to local admin rights group on single workstation
Prev Next
You are not authorized to post a reply.

AuthorMessages
HatimValiUser is Offline

Posts:7

02/15/2010 8:06 PM  
Greetings,

I am not sure if it already had been discussed or archived in the past.

I am trying to figure out how to grant the individual domain user to local
admin rights to a single workstation through GPO. Let me explain little
background on my current AD. One policy for all machines is to keep
flushing up any domain users from local administrators group on every
machines. I am using Restricted Groups policy under Computer. It works
great for domain groups under members in restricted groups.

However, I am not able to see where I can add the domain user to local
administrators group on specific machine instead of all machines. For
example, when I added the domain user to local admin group on a machine, it
disappeared after rebooting or gpupdating because of restricted group with
members.

>From my impression, we need to separate a special dedicated OU for some
machines that allows individual user(s) to have admin rights. I don't want
to create many GPO for specific machines under several OUs. What is your
recommendation or Have you suggested the best solution?

Thanks,

--
Hatim A. Vali
Data Center Engineer
Information Technology Services
Gallaudet University
(202) 651-5300 (Office)
(202) 651-5477 (Fax)

=============================

//Confidentiality Notice: This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.//

You are not authorized to post a reply.
Forums >GPTalk >GPTalk Mailing List > [gptalk] Domain User to local admin rights group on single workstation



ActiveForums 3.7

Members

MembershipMembership:
Latest New UserLatest:larrys
New TodayNew Today:0
New YesterdayNew Yesterday:0
User CountOverall:1340
People OnlinePeople Online:
VisitorsVisitors:0
MembersMembers:0
TotalTotal:0
Online NowOnline Now:

Ads

Banner Inv
Copyright 2009 by GPOGUY.COM
Terms Of Use