Solved

Restrict User to Reboot Server

Posted on 2010-08-19
9
448 Views
Last Modified: 2012-06-21
I have a situation where I need to give a user remote access to reboot a server and nothing else. The server that would need to be rebooted is running 2003 Server R2 Standard. The user would be coming into the environment through a 2008 Small Business Server using Remote Web Workplace. What would be the best way to accomplish this.
0
Comment
Question by:nriacone
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 1

Accepted Solution

by:
mcsestretch earned 167 total points
ID: 33474395
Grant the user the "Shut down the system" user right in the security settings on the 2003 Server.
If the computer isn't part of a domain, go to Local Security Settings - Local Policies - User Rights Assignment.

If it is part of a domain, you'll need to make sure that setting isn't defined in the domain policy then follow the steps above.
0
 
LVL 11

Assisted Solution

by:Coast-IT
Coast-IT earned 167 total points
ID: 33474411
You could allow him in through RWW as you say, then grant access to the server in question.

Lock down the remote connection for the user in question using this template (may want to change a couple of things)

http://support.microsoft.com/kb/278295

Apart from - make sure user has access to the shutdown restart option.

That imho is the best plan of attack.
0
 
LVL 6

Assisted Solution

by:Joshua1909
Joshua1909 earned 166 total points
ID: 33474467
Another option is to download pstools from here: http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx (It is a command line utility.)

What you could do is write a simple batch file like this:
-------
psshutdown \\192.168.1.100 -u username -p password -f -t 00
-------
Save that as reboot.bat or whatever then convert it to an .exe file with http://download.cnet.com/Bat-To-Exe-Converter/3000-2069_4-10555897.html

Put the .exe you created and the psshutdown .exe you downloaded in the first step into the same folder on the user's computer--and run it.

The user doesn't even see the username and password being used to restart the server, and all they have to do is run the file!
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 11

Expert Comment

by:Coast-IT
ID: 33474538
The user is coming in via RWW though, so he is coming in from external anyway.  Whatever he connects to he will need a username and password.

The easiest thing would be just to give the reboot button once he has logged in.

So when you are talking about the "users computer", the user it outside of the office.....
0
 
LVL 6

Expert Comment

by:Joshua1909
ID: 33474657
@Coast-IT Yes that's true. However RWW gives him the ability to connect to another machine on the network. I don't know why the OP want's to reboot the server, but on the chance that it's because of a server session issue, or even if he just doesn't want the user to log onto the server then he has another option.
0
 

Author Comment

by:nriacone
ID: 33496905
Please excuse the delay in responding to your suggestions. I have not been able to get access to the system for the last week. I will hopefully be testing the suggestions this week and post my results.
Thanks,
Nick
0
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33540098
Any news?
0
 

Author Comment

by:nriacone
ID: 33549172
Other system issues consumed my week. I will try the suggestions by the end of next week.
Thanks,
Nick
0
 

Author Closing Comment

by:nriacone
ID: 34219047
The user in question has since changed positions in the company and this is no longer an issue. I divided the points evenly. Thank you for the information and I will keep it in mind for any future issues.
Thanks,
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question