Advertisement

07.17.2008 at 09:40AM PDT, ID: 23573933 | Points: 250
[x]
Attachment Details

Users lock domain admins out of their PCs.

Asked by pie8ter in Active Directory, Windows XP Operating System, Windows 2003 Server

Tags: Microsoft, Windows, 2003 active directory domain

We have windows 2003 AD domain in native mode.  The domain user account is part of Local Administrators group in each PC.  So Joe's domain user account is part of Local Administrators group in his workstation.   I know this is a bad practice, but we have no choice at this time.

Some tech savvy users lock their PCs with either windows firewall or by some other means.  When we, the domain administrators, tries to browse to their PC using computer management snap-in, we get either access denied error or errors similar to it.

Some users simply remove the domain admin account from the local admin group. But we made sure they can't by using the GPO.  What other methods are available for the users to lock the workstations for the domain admins and how to prevent them?

Users can:
1) Stop the "server service"
2) Enable a firewall
3) Stop the "remote registry service"
4)...
5)...

Is there anyway to run a VBScript once every hour using a GPO?  I don't want to use the scheduler service because the users can disable or delete it.

I realize the permanent solution is to take away the local admin rights, but we really can't at this time.

Thanks for you input.
Start Free Trial
[+][-]07.17.2008 at 09:48AM PDT, ID: 22027348

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 09:49AM PDT, ID: 22027367

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 09:53AM PDT, ID: 22027405

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 09:54AM PDT, ID: 22027408

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 09:58AM PDT, ID: 22027451

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 10:01AM PDT, ID: 22027482

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 10:05AM PDT, ID: 22027541

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 10:08AM PDT, ID: 22027573

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 10:08AM PDT, ID: 22027575

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 11:10AM PDT, ID: 22028266

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628