Allowing a user to access Server as Administrator

Windows server 2003/Active Directory/DC
I would like to give a user admin privaledges on the server.  I know I just need to add the user to the administrators group, however, that user has a roaming profile and I don't want it saved on the server.  Is there a way around this without giving the user the original admin logon.
Who is Participating?
You would need to set the policy to not cache local profiles for the default domain controllers group policy.  But this will also not allow you to keep the Administrator's profile.

The other thing to do is give the other user a second account.  This account would be for the administrator priviledge.  Have the user only use this account when logging into the domain controller.  This way a minimal profile is created on the dc.  Yes - there are "user" issues here as you have to instill in this person that this new administrator account is not to be abused.  That's a management issue.
If I read this right, and the server is indeed a domain controller, then there is not longer a local Administrators group. The only way for this person to have 'administrative privileges' over this server would be Domain Admin rights....which I would avoid if possible.

If you did want to do that, and did not want the roaming profile involved. Your best bet would be to create another user on the domain. Use delegation in AD Users and Computers to give the neccessary rights to this account (or make this account a member of the domain admins group), and let the person log on that way.

Why do they need admin privileges on your domain controller?
kzackeryAuthor Commented:
Thanks ocon.

aissim, i'm going on vacation and i need to have someone here that can take care of immediate issues if they arise.  
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.