Solved

Accessing 2003 Domain Controller without being a Domain Admin

Posted on 2006-07-12
4
367 Views
Last Modified: 2010-04-18
Hoping someone can help me. I have a requirement for a couple of staff to RDP or direct logon to a Windows2003 Domain Controller, but they are not members of the Domain Admins group.

Where on the server can I add them to allow local access and RDP access, with the same rights if it had a local Administrators account.

Thanks
0
Comment
Question by:Nero_Wolfe
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:valrog
ID: 17090428
Why would you give non-Admins rights to a DC?  Do you know the havoc they could cause?  

Anyhow,  I think you may need to install terminal services.
0
 
LVL 1

Author Comment

by:Nero_Wolfe
ID: 17091547
Because, to satisfy auditors there can only be a limited amount of Domain Admins, which is myself and the backup account.  However i need the it staff to be able to login to the server at the console or via RDP.  I know it can be done, as i've had it done before - something to do with local policies - but I can't remember how to do it.

0
 
LVL 3

Accepted Solution

by:
valrog earned 500 total points
ID: 17092848
Open the Group Policy Management Console (gpmc.msc)

Edit the "Default Domain Controllers Policy"

Computer Configuration
 Windows Settings
  Security Settings
   Local Policies
    User Rights Assignments
    --- Allow logon locally
    --- Allow logon through terminal services


Sorry it took so long, I was working on the same problem also (Test Enviroment)
0
 
LVL 1

Author Comment

by:Nero_Wolfe
ID: 17093539
Thanks - much appreciated.  I thought it was in Policies somewhere, but just couldn't lay my hand to the location.

Thanks again.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now