<div>
Hello , <br />
<br />
Try to put this person on the AD built-in group named &quot;Server operators &quot;&nbsp;and &quot;Print operators , it delegate right to person make action on DC without to have the privilege to modify AD .<br />
<br />
Second option is to have a dedicated Print Server or migrate the printers on another servers.<br />
&nbsp;<br />
Rgds.
</div>


Hello ,

Try to put this person on the AD built-in group named "Server operators " and "Print operators , it delegate right to person make action on DC without to have the privilege to modify AD .

Second option is to have a dedicated Print Server or migrate the printers on another servers.
 
Rgds.

<div>
You have identified the problem yourself. You &quot;Should&quot; be moving the printer role off the AD and onto a member server.<br />
<br />
Alowing ANYBODY except a domain admin access to your domain controllers is a very risky business.<br />

</div>


You have identified the problem yourself. You "Should" be moving the printer role off the AD and onto a member server.

Alowing ANYBODY except a domain admin access to your domain controllers is a very risky business.


<div>
<div class="content wysiwyg-content">
<br />
I've always been a Domain Admin and or Administrator of the domain, so logging on to setup or resolve a printer issue hasn't been an issue. &nbsp;<br />
<br />
We have a new desktop person and we want them to be able to logon and work on printers. &nbsp;Seems like this may be a challenge and that having the printers on the DC is an issue as only Domain Admins or Administrators are able to logon. Is that correct? &nbsp;If so, any suggestions on how to resolve this? <br />
<br />
Thanks,<br />
RP 
</div>
</div>



I've always been a Domain Admin and or Administrator of the domain, so logging on to setup or resolve a printer issue hasn't been an issue.  

We have a new desktop person and we want them to be able to logon and work on printers.  Seems like this may be a challenge and that having the printers on the DC is an issue as only Domain Admins or Administrators are able to logon. Is that correct?  If so, any suggestions on how to resolve this? 

Thanks,
RP 

Logging onto a Windows 2003 Domain Controller

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.