I would like you suggestions here.
I have an SBS Server ready for a customer, in fact more than one.
We have a contact on site that will do anything we ask them to do on the server for us. Knowing that a full administrator user will be able to do absolutely anything on the server, we do not want to give this person the account. However, changing/checking backup of our USB drives would need a person to click the 'Safely Remove Hardware' option for the USB device. So here, they need login previleges.
Also, I don't want to give them access to other users mailboxes. Simply put, the full administrator account will be able to add 'Mailbox Rights' to peoples mailboxes and give themselves full access with the administrator account. I don't like the fact that one person in the company would be able to do this.
What account level should I give a contact on-site to be able to perform login tasks, change/check backup?
What do you guys give your on-site contacts?