I have created an OU that includes former domain admins. I want to give them local admin rights to all 100 member servers but no access to the domain controllers. The are out of the domain Admins group.
Can members of the built in group 'Domain computers' and server operators join a workstation in the domain ?
How should i build my Gropu policy to reach the above result ?