Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Add domain user to local admin account

Posted on 2009-04-07
12
Medium Priority
?
322 Views
Last Modified: 2013-11-25
Hi,

I have a Win 2003 domain called COMPANY, most of the computers in the office are members of that domain, the usual.    I also have a new PC called NEWBOX.

I want to add a domain account from the COMPANY domain to that PC called NEWBOX  with out having to make that NEWBOX a member computer in the domain.  Can that be done?  It's connected and the workgroup name is the same as the COMPANY domain.

All this is just so I can log processes from that PC using Perfmon !  And as far as I know perfmon has to be able to "see " that computer some how !?!

Cheers'
Dave

0
Comment
Question by:Dave_Cason
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 18

Expert Comment

by:Americom
ID: 24089221
no, the pc has to be in the domain..

0
 
LVL 25

Accepted Solution

by:
Ron Malmstead earned 1500 total points
ID: 24089245
You can't make a domain user a member of a local user group without being joined to the domain.
You can however, make a local user account with admin privilages, that is the same user/pass as the domain account.

You can authenticate to that computer from command line from any remote machine as long as you have that local user pass...  
net use \\computername\ipc$ /user:computername\Adminuser yourpassword

This should allow you admin access to the machine from a domain computer.
0
 
LVL 18

Expert Comment

by:Americom
ID: 24089282
Same workgroup name as the domain name still share nothing as pretty much everything in the workgroup has nothing to do with the domain.

Any reason you cannot make join the machine to the domain? Or what exactly are you trying to accomplish?
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 15

Expert Comment

by:zelron22
ID: 24089285
Be aware that whenever the AD password or the workstation password change, they will need to be resynced.

So you either need to make one/both not expire or prepare to resynchronize them.
0
 

Author Comment

by:Dave_Cason
ID: 24089303
Yea, thought so .....

What about using perf mon .... anyway around that ?

Cheers'
Dave
0
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24089379
If you can successfully authenticate to the machine using a local admin user/pass.......
net use \\ipaddress\ipc$ /user:ipaddress\LocalAdminuser yourpassword
...then you should be able to use perfmon.
0
 
LVL 18

Expert Comment

by:Americom
ID: 24089386
If you are trying to setup  a perfmom to remotely monitor this PC, there is a field where you can input username and password as you wish to run as.
0
 

Author Comment

by:Dave_Cason
ID: 24089578
Yep, that was the whole point of this ....

I need to watch some system activivty on a PC with out running the perf mon on that local system.  

I know in perf mon you can point it to another PC but I thought that PC had to be a member of the same domain and I know in perf mon to go to add counter and point it to another box but I've never seen where you can input a user name and password.

Can you tell me how to please?

Cheers'
Dave

0
 
LVL 18

Expert Comment

by:Americom
ID: 24089658
Run Perfmom and do Performance Logs and Alerts.
There will be a Run as Field for you to enter computername\username and password.
That's the one you should use to remote monitor and capture etc.
0
 

Author Comment

by:Dave_Cason
ID: 24098504
Sorry, I had another look and I don't see where that's posable.

I opened Perfmon on my PC, it's an MMC snapin and its ver 5.1.2600.55512 and under Perf Logs and Alerts, I expand the menu and I get three choices Counter Logs - Trace Logs - and Alerts .....I don't see
where I can find thsi run as field.  Maybe I'm not on the same software tool as you. I don't know.

Are you're saying run the perfmon locally on that machine and log it there,and then review it from another box later?  I was hoping to run the perfmon on machine B to watch the actitvity on machine A in real time.

Cheers'
Dave

0
 
LVL 18

Expert Comment

by:Americom
ID: 24099004
You were just there and if you find the the counter logs etc, just right click on them and create a new log setting then the next window popup will have the Run As field. If you don't want to create a new setting, under the counter logs, there's already one created for you called "System...." and once you right click on it, you will also see the Run As option as well. I thought that would be the appropriate solution to monitor any machine remotely and that is what the Counter Logs, Trace Logs and Alerts are for exactly what you are trying to do. Creating addition local account is just not an appropriate solution as if you have to monitor another, you will have to create and manage another account...high maintenance. ..
0
 

Author Comment

by:Dave_Cason
ID: 24100198
OK, I'll go have a look .... thanks again for the help!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Introduction to Processes

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question