Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 296
  • Last Modified:

Admin rights needed for desktop personnel

We removed the service desk personnel from the Domain Admins group. They no longer have admin rights on the servers. What is the easiest way I can give them these rights back without making them Domain Admins

0
RealBigTime
Asked:
RealBigTime
1 Solution
 
SembeeCommented:
It will need a little legwork or some GP modifications...

Create a new group called "helpdesk" (or whatever).
Add the users to this new group.
Add the group to the local admin group on each of the workstations and servers. You can use GP to do this - otherwise you will have to visit each machine in turn.
You will have to do some more complex things with rights for the domain controllers - as they don't have a local admin group.

Simon.
0
 
RealBigTimeAuthor Commented:
Okay... How do I do this with a GPO?
0
 
plimpiasCommented:
Just add them as a normal user. and go into the security settings of the local server..and go to the secuirty settings. find right to log on locally and add that user in. also you can use delegation on the server and delegate certain tasks to that user. that would probably be the easiest way. go open active directory user and computers. right click a OU and choose delegation...follow the wizard.
0
 
Netman66Commented:
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now