menreeq
asked on
corky user rights issue.
I have a laptop that is joined to our domain and neither local admins nor domain admins are able to change the wait time for the screen saver. Where should I check to enable this for users?
Is it set up in Group Policy? Regardless if it is or not, Admins (domain and local) should have this capability.
~coolsportp00
~coolsportp00
You might want to add domain admins to the Local Administrators Group
For a single computer
logon as Local Administrator to the computer (not the domain)
Right click on "My Computer" and select Manage
Expand "Local Users and Groups->Groups->Administra
Click Add
Enter the full user name eg domain\username
and OK out again
You can add users to Local Administrators with group policy.
First put the users that you want to give local admin rights to into a security group (or you Domain Users if you want it to apply to all users)
Create and OU that contains the computers that you want them to have rights on and put the computers into the OU. Note that this cannot be the Computers Container and should not contain any servers or Domain Controllers for obvious reasons.
Create a group policy that configures the security group as a Restricted Group , and under the "This group is a member of...", option add "Administrators"
Link the GPO to the OU that contains the computers
Run gpupate/force to update the policy
See http://support.microsoft.com/kb/810076
For a single computer
logon as Local Administrator to the computer (not the domain)
Right click on "My Computer" and select Manage
Expand "Local Users and Groups->Groups->Administra
Click Add
Enter the full user name eg domain\username
and OK out again
You can add users to Local Administrators with group policy.
First put the users that you want to give local admin rights to into a security group (or you Domain Users if you want it to apply to all users)
Create and OU that contains the computers that you want them to have rights on and put the computers into the OU. Note that this cannot be the Computers Container and should not contain any servers or Domain Controllers for obvious reasons.
Create a group policy that configures the security group as a Restricted Group , and under the "This group is a member of...", option add "Administrators"
Link the GPO to the OU that contains the computers
Run gpupate/force to update the policy
See http://support.microsoft.com/kb/810076
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I found the group policy and set it to not apply to the user and domain admins. thanks for the input.
User configuration, Administrative Templates, Control Panel, Display, Screen Saver timeout
That should sort it