Hhi guys hope you are well and can assist.
Guys, we have an AD 2003 environment with Windows XP and Windows 7.
We are using Remote Assistance but do not want the helpers of Remote Assistance to have local admin access.
We want them to be able to do stuff, so the group policy we have set is as follows:
Computer Configuration >> Administrative Templates >> System >> Remote Assistance >> Offer Remote Assistance
There are 2 options in here to set the degree of access for these helpers:
1) Allow helpers to remotely control the computer
2) Allow helpers to only view the computer.
My question is this.
We have selected option 1) above.
Does that mean that the helper has FULL LOCAL ADMIN access to the machine in which they help, regardless of whether the helper is a member of the local admins group on the destination computer in which they help?
Basically, we want to allow certain users to offer help by way of Remote Assistance but NOT allow them FULL LOCAL ADMIN access to the machine.
Any help greatly appreciated.