andre_st
asked on
What is the lest privilege needed to log on to a Windows Server 2008?
I am studying for a microsoft certification - focusing on Windows Server 2008. In the course litterature one is supposed to log on to the server from time to time as a regular user - to test several different things. This is supposed to be possible if the user account is added to the "print operator" group (as a least privilege needed, to log on to the server).
But I am not able to log in to the server, being a member of the "print operators", and "domain users" - I just get the message that the logon failed with these credentials. Is there some other group which I should use instead?
(I know this is not best practice in a real production environment.)
But I am not able to log in to the server, being a member of the "print operators", and "domain users" - I just get the message that the logon failed with these credentials. Is there some other group which I should use instead?
(I know this is not best practice in a real production environment.)
Is it is a member server or Domain controller?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It is a domain controller.
I am at work now, so I couldnt test this on the computers I am using for my studying. but I tested it on the domain controller here at work, and I got no problems logging on to the server, once I was a member of the "print operators". Although the potential problem of logging in with terminal services was not an issue in my case - I also tested it. After modifying the group policy, I also could log in remotely.
I have to test this again at home, as I was allready member of the print operators, and I only tried to log in locally. Perhaps it is a setting in the domain controller Group Policy object. I´ll get back to you on that one.
I am at work now, so I couldnt test this on the computers I am using for my studying. but I tested it on the domain controller here at work, and I got no problems logging on to the server, once I was a member of the "print operators". Although the potential problem of logging in with terminal services was not an issue in my case - I also tested it. After modifying the group policy, I also could log in remotely.
I have to test this again at home, as I was allready member of the print operators, and I only tried to log in locally. Perhaps it is a setting in the domain controller Group Policy object. I´ll get back to you on that one.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.