Solved

Logging onto a Windows 2003 Domain Controller

Posted on 2011-03-14
3
306 Views
Last Modified: 2012-05-11

I've always been a Domain Admin and or Administrator of the domain, so logging on to setup or resolve a printer issue hasn't been an issue.  

We have a new desktop person and we want them to be able to logon and work on printers.  Seems like this may be a challenge and that having the printers on the DC is an issue as only Domain Admins or Administrators are able to logon. Is that correct?  If so, any suggestions on how to resolve this?

Thanks,
RP
0
Comment
Question by:rotarypwr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 3

Expert Comment

by:Vinamilk1001
ID: 35130909
Hello ,

Try to put this person on the AD built-in group named "Server operators " and "Print operators , it delegate right to person make action on DC without to have the privilege to modify AD .

Second option is to have a dedicated Print Server or migrate the printers on another servers.
 
Rgds.
0
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 500 total points
ID: 35130943
to allow an ordinary user to logon to a domain controller, you change the domain controller security policy.  if it's at the console, add that user to 'allow logon locally' or for rdp access 'allow logon through terminal services'
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35130978
You have identified the problem yourself. You "Should" be moving the printer role off the AD and onto a member server.

Alowing ANYBODY except a domain admin access to your domain controllers is a very risky business.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Popular third-party chat platforms like Slack, Discord, and Telegram are just a few of the many new productivity applications that are being hijacked by cybercriminals to create command-and-control (C&C) communications infrastructures for their malw…
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question