Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 466
  • Last Modified:

Restrict User to Reboot Server

I have a situation where I need to give a user remote access to reboot a server and nothing else. The server that would need to be rebooted is running 2003 Server R2 Standard. The user would be coming into the environment through a 2008 Small Business Server using Remote Web Workplace. What would be the best way to accomplish this.
0
nriacone
Asked:
nriacone
  • 3
  • 3
  • 2
  • +1
3 Solutions
 
mcsestretchCommented:
Grant the user the "Shut down the system" user right in the security settings on the 2003 Server.
If the computer isn't part of a domain, go to Local Security Settings - Local Policies - User Rights Assignment.

If it is part of a domain, you'll need to make sure that setting isn't defined in the domain policy then follow the steps above.
0
 
Coast-ITCommented:
You could allow him in through RWW as you say, then grant access to the server in question.

Lock down the remote connection for the user in question using this template (may want to change a couple of things)

http://support.microsoft.com/kb/278295

Apart from - make sure user has access to the shutdown restart option.

That imho is the best plan of attack.
0
 
Joshua1909Commented:
Another option is to download pstools from here: http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx (It is a command line utility.)

What you could do is write a simple batch file like this:
-------
psshutdown \\192.168.1.100 -u username -p password -f -t 00
-------
Save that as reboot.bat or whatever then convert it to an .exe file with http://download.cnet.com/Bat-To-Exe-Converter/3000-2069_4-10555897.html

Put the .exe you created and the psshutdown .exe you downloaded in the first step into the same folder on the user's computer--and run it.

The user doesn't even see the username and password being used to restart the server, and all they have to do is run the file!
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Coast-ITCommented:
The user is coming in via RWW though, so he is coming in from external anyway.  Whatever he connects to he will need a username and password.

The easiest thing would be just to give the reboot button once he has logged in.

So when you are talking about the "users computer", the user it outside of the office.....
0
 
Joshua1909Commented:
@Coast-IT Yes that's true. However RWW gives him the ability to connect to another machine on the network. I don't know why the OP want's to reboot the server, but on the chance that it's because of a server session issue, or even if he just doesn't want the user to log onto the server then he has another option.
0
 
nriaconeAuthor Commented:
Please excuse the delay in responding to your suggestions. I have not been able to get access to the system for the last week. I will hopefully be testing the suggestions this week and post my results.
Thanks,
Nick
0
 
Coast-ITCommented:
Any news?
0
 
nriaconeAuthor Commented:
Other system issues consumed my week. I will try the suggestions by the end of next week.
Thanks,
Nick
0
 
nriaconeAuthor Commented:
The user in question has since changed positions in the company and this is no longer an issue. I divided the points evenly. Thank you for the information and I will keep it in mind for any future issues.
Thanks,
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now