Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 326
  • Last Modified:

Add domain user to local admin account

Hi,

I have a Win 2003 domain called COMPANY, most of the computers in the office are members of that domain, the usual.    I also have a new PC called NEWBOX.

I want to add a domain account from the COMPANY domain to that PC called NEWBOX  with out having to make that NEWBOX a member computer in the domain.  Can that be done?  It's connected and the workgroup name is the same as the COMPANY domain.

All this is just so I can log processes from that PC using Perfmon !  And as far as I know perfmon has to be able to "see " that computer some how !?!

Cheers'
Dave

0
Dave_Cason
Asked:
Dave_Cason
  • 5
  • 4
  • 2
  • +1
1 Solution
 
AmericomCommented:
no, the pc has to be in the domain..

0
 
Ron MalmsteadInformation Services ManagerCommented:
You can't make a domain user a member of a local user group without being joined to the domain.
You can however, make a local user account with admin privilages, that is the same user/pass as the domain account.

You can authenticate to that computer from command line from any remote machine as long as you have that local user pass...  
net use \\computername\ipc$ /user:computername\Adminuser yourpassword

This should allow you admin access to the machine from a domain computer.
0
 
AmericomCommented:
Same workgroup name as the domain name still share nothing as pretty much everything in the workgroup has nothing to do with the domain.

Any reason you cannot make join the machine to the domain? Or what exactly are you trying to accomplish?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
zelron22Commented:
Be aware that whenever the AD password or the workstation password change, they will need to be resynced.

So you either need to make one/both not expire or prepare to resynchronize them.
0
 
Dave_CasonAuthor Commented:
Yea, thought so .....

What about using perf mon .... anyway around that ?

Cheers'
Dave
0
 
Ron MalmsteadInformation Services ManagerCommented:
If you can successfully authenticate to the machine using a local admin user/pass.......
net use \\ipaddress\ipc$ /user:ipaddress\LocalAdminuser yourpassword
...then you should be able to use perfmon.
0
 
AmericomCommented:
If you are trying to setup  a perfmom to remotely monitor this PC, there is a field where you can input username and password as you wish to run as.
0
 
Dave_CasonAuthor Commented:
Yep, that was the whole point of this ....

I need to watch some system activivty on a PC with out running the perf mon on that local system.  

I know in perf mon you can point it to another PC but I thought that PC had to be a member of the same domain and I know in perf mon to go to add counter and point it to another box but I've never seen where you can input a user name and password.

Can you tell me how to please?

Cheers'
Dave

0
 
AmericomCommented:
Run Perfmom and do Performance Logs and Alerts.
There will be a Run as Field for you to enter computername\username and password.
That's the one you should use to remote monitor and capture etc.
0
 
Dave_CasonAuthor Commented:
Sorry, I had another look and I don't see where that's posable.

I opened Perfmon on my PC, it's an MMC snapin and its ver 5.1.2600.55512 and under Perf Logs and Alerts, I expand the menu and I get three choices Counter Logs - Trace Logs - and Alerts .....I don't see
where I can find thsi run as field.  Maybe I'm not on the same software tool as you. I don't know.

Are you're saying run the perfmon locally on that machine and log it there,and then review it from another box later?  I was hoping to run the perfmon on machine B to watch the actitvity on machine A in real time.

Cheers'
Dave

0
 
AmericomCommented:
You were just there and if you find the the counter logs etc, just right click on them and create a new log setting then the next window popup will have the Run As field. If you don't want to create a new setting, under the counter logs, there's already one created for you called "System...." and once you right click on it, you will also see the Run As option as well. I thought that would be the appropriate solution to monitor any machine remotely and that is what the Counter Logs, Trace Logs and Alerts are for exactly what you are trying to do. Creating addition local account is just not an appropriate solution as if you have to monitor another, you will have to create and manage another account...high maintenance. ..
0
 
Dave_CasonAuthor Commented:
OK, I'll go have a look .... thanks again for the help!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 5
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now