Solved

Elevated Prvilieges - access right -  Internship User

Posted on 2009-05-19
1
323 Views
Last Modified: 2012-05-07
We have an intern that we would like to have the ability to add pc objects, reset passwords, remote on to company pcs as admin (dameware preferred but remote desktop is allowed), and work with folder rights.
Is there a group / template that already exists that would cover these?
This intern is very trusted however, we want to build a group that future interns could be added to.
We basically do not want them creating users, making OUs, apply GPOs, etc..
We do have a local admin that is the same setting on most pcs.
We could also make them a custom mmc snap-in but still need to define rights/privileges.
BackupOperator and SuperUser?

Thanks
0
Comment
Question by:PostQ
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 24423862
What you could do is create a group called "Interns" then add this intern and future interns to that group.
Then if you want you can add that group to the local admin group of all the PCs.  You can do that using restricted groups.  Great entry on that here
http://www.frickelsoft.net/blog/?p=13
You can also delegate tasks using hte delegation control wizard (see screenshot)
Seems like a good place to intern, he should learn a lot
Thanks
Mike

Intern-Delegation.jpg
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now