Solved

Add domain user to local admin account

Posted on 2009-04-07
12
308 Views
Last Modified: 2013-11-25
Hi,

I have a Win 2003 domain called COMPANY, most of the computers in the office are members of that domain, the usual.    I also have a new PC called NEWBOX.

I want to add a domain account from the COMPANY domain to that PC called NEWBOX  with out having to make that NEWBOX a member computer in the domain.  Can that be done?  It's connected and the workgroup name is the same as the COMPANY domain.

All this is just so I can log processes from that PC using Perfmon !  And as far as I know perfmon has to be able to "see " that computer some how !?!

Cheers'
Dave

0
Comment
Question by:Dave_Cason
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 18

Expert Comment

by:Americom
ID: 24089221
no, the pc has to be in the domain..

0
 
LVL 25

Accepted Solution

by:
Ron Malmstead earned 500 total points
ID: 24089245
You can't make a domain user a member of a local user group without being joined to the domain.
You can however, make a local user account with admin privilages, that is the same user/pass as the domain account.

You can authenticate to that computer from command line from any remote machine as long as you have that local user pass...  
net use \\computername\ipc$ /user:computername\Adminuser yourpassword

This should allow you admin access to the machine from a domain computer.
0
 
LVL 18

Expert Comment

by:Americom
ID: 24089282
Same workgroup name as the domain name still share nothing as pretty much everything in the workgroup has nothing to do with the domain.

Any reason you cannot make join the machine to the domain? Or what exactly are you trying to accomplish?
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 15

Expert Comment

by:zelron22
ID: 24089285
Be aware that whenever the AD password or the workstation password change, they will need to be resynced.

So you either need to make one/both not expire or prepare to resynchronize them.
0
 

Author Comment

by:Dave_Cason
ID: 24089303
Yea, thought so .....

What about using perf mon .... anyway around that ?

Cheers'
Dave
0
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24089379
If you can successfully authenticate to the machine using a local admin user/pass.......
net use \\ipaddress\ipc$ /user:ipaddress\LocalAdminuser yourpassword
...then you should be able to use perfmon.
0
 
LVL 18

Expert Comment

by:Americom
ID: 24089386
If you are trying to setup  a perfmom to remotely monitor this PC, there is a field where you can input username and password as you wish to run as.
0
 

Author Comment

by:Dave_Cason
ID: 24089578
Yep, that was the whole point of this ....

I need to watch some system activivty on a PC with out running the perf mon on that local system.  

I know in perf mon you can point it to another PC but I thought that PC had to be a member of the same domain and I know in perf mon to go to add counter and point it to another box but I've never seen where you can input a user name and password.

Can you tell me how to please?

Cheers'
Dave

0
 
LVL 18

Expert Comment

by:Americom
ID: 24089658
Run Perfmom and do Performance Logs and Alerts.
There will be a Run as Field for you to enter computername\username and password.
That's the one you should use to remote monitor and capture etc.
0
 

Author Comment

by:Dave_Cason
ID: 24098504
Sorry, I had another look and I don't see where that's posable.

I opened Perfmon on my PC, it's an MMC snapin and its ver 5.1.2600.55512 and under Perf Logs and Alerts, I expand the menu and I get three choices Counter Logs - Trace Logs - and Alerts .....I don't see
where I can find thsi run as field.  Maybe I'm not on the same software tool as you. I don't know.

Are you're saying run the perfmon locally on that machine and log it there,and then review it from another box later?  I was hoping to run the perfmon on machine B to watch the actitvity on machine A in real time.

Cheers'
Dave

0
 
LVL 18

Expert Comment

by:Americom
ID: 24099004
You were just there and if you find the the counter logs etc, just right click on them and create a new log setting then the next window popup will have the Run As field. If you don't want to create a new setting, under the counter logs, there's already one created for you called "System...." and once you right click on it, you will also see the Run As option as well. I thought that would be the appropriate solution to monitor any machine remotely and that is what the Counter Logs, Trace Logs and Alerts are for exactly what you are trying to do. Creating addition local account is just not an appropriate solution as if you have to monitor another, you will have to create and manage another account...high maintenance. ..
0
 

Author Comment

by:Dave_Cason
ID: 24100198
OK, I'll go have a look .... thanks again for the help!
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn how ViaSat reduced average response times for IT incidents from 10 minutes to 30 seconds.
Read about the ways of improving workplace communication.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question