?
Solved

Administrator Account

Posted on 2006-10-25
8
Medium Priority
?
217 Views
Last Modified: 2010-03-19
I am a network administrator along with 2 other guys in my organization. We all use the same administrator account. We are a small group and one of the other 2 guys are believed to be going into private shares on the network because they have full control. I know we can setup seperate accounts for each of us. Is there a way to make each admin a lower grade admin so they can install software and that sort of thing but not be able to have access to view files on specific shares?
0
Comment
Question by:eli290
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 15

Expert Comment

by:Naser Gabaj
ID: 17803452
Greetings eli290,

I assume you are in domain LAN not Workgroup.
Make them Administrator only on thier machine but not domain admins, which is the highest level in the domain. and as for you get domain admin

Good Luck!
Naser
0
 

Author Comment

by:eli290
ID: 17803470
we are on a domain LAN but i need this to be access on the domain to install software etc.. on other peoples PC's
0
 
LVL 14

Expert Comment

by:Juan Ocasio
ID: 17803484
You could also make them a member of power user which should allow to do most installs.

jocasio
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 
LVL 12

Expert Comment

by:Chris Staunton
ID: 17803530
You could also micro manage those special shares and remove the Domain Admins group from those shares so that the group Domain Admins doesn't have rights and assign just a specific admin rights to that group for management of files/folders on the share.


Hope that helps,


Shoota
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 17803548
If they need to be  domain admin you have a problem.
By default private shares are owned by the Administrators account. You can remove this by making either the user the owner, or a specific admin the owner, and then remove the administrators group as having permission to access the files. This will block them from accessing, however as domain admins there is nothing to keep them from taking ownership. You should probably give them their own domain admin account rather than the default, and then enable security logging to see who is going where.
0
 

Author Comment

by:eli290
ID: 17803578
How would we enable security logging?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17803702
Minor change in group policy will enable. Have look at the following MS article regarding enabling and tracking users:
http://support.microsoft.com/kb/814595
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17804414
Thanks eli290,
--Rob
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
This program is used to assist in finding and resolving common problems with wireless connections.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question