users need to get remote desktop access rights to domain controller computer without administrator rights
Posted on 2007-11-22
I have single windows 2003 standard in the company.
the server is used as domain controller, software dev and file server.
in the file server each worker has his own folder with security/ sharing rights just for him (and backup user).
some developers needs access to the server, e.g. to restart IIS, to terminate shared files sessions and so on
i want to give those developers terminal service access but when i add them to the remote desktop group the server does not allow them to log in remotely (they are member of domain users, remote users)
when i add those developers to administrators group they are able to login through remote desktop but they can also change file server folders security = read whatever they want which i can't allow.
In simple words - i need to give some users the abilty to remotely connect and operate most actions on the server but without the abiltiy to change security rights on some folders (and without the ability to give themselves the right to do so...)