tstinson1980
asked on
Network admin and domain admin accounts and local admin with in the network
Hi there,
here is what we are trying to do. We have 3 people here that deal with servers one sbs 2003 and a couple 2003 standard servers. What we want is one network admin account and 3 domain admin accounts. The domain admin accounts we do not want to have access to be able to reset the password for the network admin account or add them selfs to that group.
As well we want to make a security group or something along this line for local administrators. There are some people on this network that should have access to install software on there own computer as well as others. We do not want to go to each computer and add them as a local administrator due to the number of computers that we have on the network, as well if we need to revoke there rights we don't want to have to remove them from each machine. Wondering how we could do this, we were thinking that we could make a security group and then add the group to each machine as a local admin.
thanks for any input
Tom
here is what we are trying to do. We have 3 people here that deal with servers one sbs 2003 and a couple 2003 standard servers. What we want is one network admin account and 3 domain admin accounts. The domain admin accounts we do not want to have access to be able to reset the password for the network admin account or add them selfs to that group.
As well we want to make a security group or something along this line for local administrators. There are some people on this network that should have access to install software on there own computer as well as others. We do not want to go to each computer and add them as a local administrator due to the number of computers that we have on the network, as well if we need to revoke there rights we don't want to have to remove them from each machine. Wondering how we could do this, we were thinking that we could make a security group and then add the group to each machine as a local admin.
thanks for any input
Tom
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
we have solved the issues thanks very much
There already IS a Domain Power Users group that is configured by default in SBS and has a pre-configured user template that you could use for these folks. The Domain Power Users Group has remote access rights to any computer on the network.
Jeff
TechSoEasy
Jeff
TechSoEasy
ASKER
But obviously this account has no power on the end computers, so how can i get this security group to have local admin rights on all the workstations that are already joined to the network? I do not want to give the individual users the access, just the security group.