Currenlly all desktop support engineer have administrator account to local computer.
The administrator password is a local admin password.
logon : administrator
pass : xxxxxx
localCompute r: comp1 to comp100
Can I create an account in DOMAIN that have local admin right.
The account SHOULD HAVE LOCALADMIN RIGHT BUT NOT ANY SERVER RIGHT
How do I assign this group in active directory?
The purpose of this exercise is to allow centralization of password so I can easily can change the local administrator password.