Solved

Administrator Account

Posted on 2006-10-25
8
210 Views
Last Modified: 2010-03-19
I am a network administrator along with 2 other guys in my organization. We all use the same administrator account. We are a small group and one of the other 2 guys are believed to be going into private shares on the network because they have full control. I know we can setup seperate accounts for each of us. Is there a way to make each admin a lower grade admin so they can install software and that sort of thing but not be able to have access to view files on specific shares?
0
Comment
Question by:eli290
8 Comments
 
LVL 15

Expert Comment

by:Naser Gabaj
Comment Utility
Greetings eli290,

I assume you are in domain LAN not Workgroup.
Make them Administrator only on thier machine but not domain admins, which is the highest level in the domain. and as for you get domain admin

Good Luck!
Naser
0
 

Author Comment

by:eli290
Comment Utility
we are on a domain LAN but i need this to be access on the domain to install software etc.. on other peoples PC's
0
 
LVL 14

Expert Comment

by:Juan Ocasio
Comment Utility
You could also make them a member of power user which should allow to do most installs.

jocasio
0
 
LVL 12

Expert Comment

by:Chris Staunton
Comment Utility
You could also micro manage those special shares and remove the Domain Admins group from those shares so that the group Domain Admins doesn't have rights and assign just a specific admin rights to that group for management of files/folders on the share.


Hope that helps,


Shoota
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
Comment Utility
If they need to be  domain admin you have a problem.
By default private shares are owned by the Administrators account. You can remove this by making either the user the owner, or a specific admin the owner, and then remove the administrators group as having permission to access the files. This will block them from accessing, however as domain admins there is nothing to keep them from taking ownership. You should probably give them their own domain admin account rather than the default, and then enable security logging to see who is going where.
0
 

Author Comment

by:eli290
Comment Utility
How would we enable security logging?
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Minor change in group policy will enable. Have look at the following MS article regarding enabling and tracking users:
http://support.microsoft.com/kb/814595
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Thanks eli290,
--Rob
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now