Improve company productivity with a Business Account.Sign Up

x
?
Solved

Logging onto a Windows 2003 Domain Controller

Posted on 2011-03-14
3
Medium Priority
?
313 Views
Last Modified: 2012-05-11

I've always been a Domain Admin and or Administrator of the domain, so logging on to setup or resolve a printer issue hasn't been an issue.  

We have a new desktop person and we want them to be able to logon and work on printers.  Seems like this may be a challenge and that having the printers on the DC is an issue as only Domain Admins or Administrators are able to logon. Is that correct?  If so, any suggestions on how to resolve this?

Thanks,
RP
0
Comment
Question by:rotarypwr
3 Comments
 
LVL 3

Expert Comment

by:Vinamilk1001
ID: 35130909
Hello ,

Try to put this person on the AD built-in group named "Server operators " and "Print operators , it delegate right to person make action on DC without to have the privilege to modify AD .

Second option is to have a dedicated Print Server or migrate the printers on another servers.
 
Rgds.
0
 
LVL 37

Accepted Solution

by:
Seth Simmons earned 2000 total points
ID: 35130943
to allow an ordinary user to logon to a domain controller, you change the domain controller security policy.  if it's at the console, add that user to 'allow logon locally' or for rdp access 'allow logon through terminal services'
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35130978
You have identified the problem yourself. You "Should" be moving the printer role off the AD and onto a member server.

Alowing ANYBODY except a domain admin access to your domain controllers is a very risky business.
0

Featured Post

Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

It's not just another paperwork submission. Serious planning and rigour to managing the whole thought processes need to be put in place. The intent is not on drilling into the details, but to share tips in getting the first thing right to kick-start…
This is the conclusion of the review and tests for using two or more Password Managers so you don't need to rely on just one. This article describes the results of a lot of testing in different scenario's to reveal which ones best co-exist together.…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question