Solved

What is the argument / thinking that makes users the local admin for a PC when using the user / computer wizards?

Posted on 2006-06-13
4
318 Views
Last Modified: 2010-04-19
The conventional wisdom is that users should get only the minimum permissions needed to get by.  But walking through the SBS 2003 add user wizard, it is very easy to assign a user to a PC / wind up making them the local admin.  I don't think it spells that out all that clearly when walking through the wizards.  And then if you DON'T make them the local admin, the sbs_logon_script tries to run the installs and will error out that you don't have rights.  for non-techie users that you don't want them having admin rights and you don't want them getting the error to get flustered / have to call the help desk, this doesn't seem to make sense.

am I doing something wrong?  Are my experiences accurate?

thank you.
0
Comment
Question by:Techsupportwhiz
  • 2
4 Comments
 
LVL 7

Expert Comment

by:Zadkin
ID: 16895871
It is the same as making shares accessible to everyone and setting permissions through NTFS.  All domain users are local admin,  the rights are set by group policies.  
0
 

Author Comment

by:Techsupportwhiz
ID: 16895944
you said 'all domain users are local admin'.  not right away, right?  you mean if you set up the computer when in the add user wizard?  Or the same result if when ou add a new pc with server/connectcomputer and then you get the list of users, choose 1 or more and then chose the existing profile to use for that user?  that makes that user a local admin?  If you didn't do that, the user would not be a local admin, right?
0
 
LVL 7

Accepted Solution

by:
Zadkin earned 300 total points
ID: 16897352
You are correct the server/connectcomputer makes the selected users local admin.  Other users can log in and even get there outlook automatically set up,  but are not admin and have to be added manually to the admin group.   Lacking admin rights can be a problem when certain applications have to be set up or run.  

The topic was discussed recently in  http://www.experts-exchange.com/Q_21882271.html
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 200 total points
ID: 16898136
Techsupportwhiz,

Please review the link that Zadkin provided above and if you have further questions or concerns you'd like answerd, let me know.

Jeff
TechSoEasy
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
Written by Glen Knight (demazter) as part of a series of how-to articles. Introduction One of the biggest consumers of disk space with Small Business Server 2008(SBS) is Windows Server Update Services, more affectionately known as WSUS. For t…
This video discusses moving either the default database or any database to a new volume.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now