Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Elevated Prvilieges - access right -  Internship User

Posted on 2009-05-19
1
Medium Priority
?
356 Views
Last Modified: 2012-05-07
We have an intern that we would like to have the ability to add pc objects, reset passwords, remote on to company pcs as admin (dameware preferred but remote desktop is allowed), and work with folder rights.
Is there a group / template that already exists that would cover these?
This intern is very trusted however, we want to build a group that future interns could be added to.
We basically do not want them creating users, making OUs, apply GPOs, etc..
We do have a local admin that is the same setting on most pcs.
We could also make them a custom mmc snap-in but still need to define rights/privileges.
BackupOperator and SuperUser?

Thanks
0
Comment
Question by:PostQ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 24423862
What you could do is create a group called "Interns" then add this intern and future interns to that group.
Then if you want you can add that group to the local admin group of all the PCs.  You can do that using restricted groups.  Great entry on that here
http://www.frickelsoft.net/blog/?p=13
You can also delegate tasks using hte delegation control wizard (see screenshot)
Seems like a good place to intern, he should learn a lot
Thanks
Mike

Intern-Delegation.jpg
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question