• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 332
  • Last Modified:

Add domain user to local admin account

Hi,

I have a Win 2003 domain called COMPANY, most of the computers in the office are members of that domain, the usual.    I also have a new PC called NEWBOX.

I want to add a domain account from the COMPANY domain to that PC called NEWBOX  with out having to make that NEWBOX a member computer in the domain.  Can that be done?  It's connected and the workgroup name is the same as the COMPANY domain.

All this is just so I can log processes from that PC using Perfmon !  And as far as I know perfmon has to be able to "see " that computer some how !?!

Cheers'
Dave

0
Dave_Cason
Asked:
Dave_Cason
  • 5
  • 4
  • 2
  • +1
1 Solution
 
AmericomCommented:
no, the pc has to be in the domain..

0
 
Ron MalmsteadInformation Services ManagerCommented:
You can't make a domain user a member of a local user group without being joined to the domain.
You can however, make a local user account with admin privilages, that is the same user/pass as the domain account.

You can authenticate to that computer from command line from any remote machine as long as you have that local user pass...  
net use \\computername\ipc$ /user:computername\Adminuser yourpassword

This should allow you admin access to the machine from a domain computer.
0
 
AmericomCommented:
Same workgroup name as the domain name still share nothing as pretty much everything in the workgroup has nothing to do with the domain.

Any reason you cannot make join the machine to the domain? Or what exactly are you trying to accomplish?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
zelron22Commented:
Be aware that whenever the AD password or the workstation password change, they will need to be resynced.

So you either need to make one/both not expire or prepare to resynchronize them.
0
 
Dave_CasonAuthor Commented:
Yea, thought so .....

What about using perf mon .... anyway around that ?

Cheers'
Dave
0
 
Ron MalmsteadInformation Services ManagerCommented:
If you can successfully authenticate to the machine using a local admin user/pass.......
net use \\ipaddress\ipc$ /user:ipaddress\LocalAdminuser yourpassword
...then you should be able to use perfmon.
0
 
AmericomCommented:
If you are trying to setup  a perfmom to remotely monitor this PC, there is a field where you can input username and password as you wish to run as.
0
 
Dave_CasonAuthor Commented:
Yep, that was the whole point of this ....

I need to watch some system activivty on a PC with out running the perf mon on that local system.  

I know in perf mon you can point it to another PC but I thought that PC had to be a member of the same domain and I know in perf mon to go to add counter and point it to another box but I've never seen where you can input a user name and password.

Can you tell me how to please?

Cheers'
Dave

0
 
AmericomCommented:
Run Perfmom and do Performance Logs and Alerts.
There will be a Run as Field for you to enter computername\username and password.
That's the one you should use to remote monitor and capture etc.
0
 
Dave_CasonAuthor Commented:
Sorry, I had another look and I don't see where that's posable.

I opened Perfmon on my PC, it's an MMC snapin and its ver 5.1.2600.55512 and under Perf Logs and Alerts, I expand the menu and I get three choices Counter Logs - Trace Logs - and Alerts .....I don't see
where I can find thsi run as field.  Maybe I'm not on the same software tool as you. I don't know.

Are you're saying run the perfmon locally on that machine and log it there,and then review it from another box later?  I was hoping to run the perfmon on machine B to watch the actitvity on machine A in real time.

Cheers'
Dave

0
 
AmericomCommented:
You were just there and if you find the the counter logs etc, just right click on them and create a new log setting then the next window popup will have the Run As field. If you don't want to create a new setting, under the counter logs, there's already one created for you called "System...." and once you right click on it, you will also see the Run As option as well. I thought that would be the appropriate solution to monitor any machine remotely and that is what the Counter Logs, Trace Logs and Alerts are for exactly what you are trying to do. Creating addition local account is just not an appropriate solution as if you have to monitor another, you will have to create and manage another account...high maintenance. ..
0
 
Dave_CasonAuthor Commented:
OK, I'll go have a look .... thanks again for the help!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 5
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now