<div>
Administrator does allow both install and uninstall.<br />
Anyone in the administrators group can by default use RDP. You can block this by using a deny against a different group (that he could be a mamber of) or against his account explicitly (bit nasty though). This isn't ideal as you'd have to make the deny change on each server.<br />
You should have a separate &quot;Server Admins&quot; group that gives server admin right without being a domain admin.<br />
Then have other server admin groups for different types of server, e.g. exchange admins, terminal server admins, SQL admins to make it more granular. Depends on the size of your IT facilities of course.<br />
Don't make somebody you don;t trust a domain admin, they could cause massive damage unintentionally (or intentionally!).
</div>


<div>
really hmmm, it wont let him uninstall when hes logged in with this account thats a member of administrators, ive seen it myself too<br />
<br />
but if administrators can rdp in, i dont want him in that group either<br />
ive created a security group called machine admins, how do i apply features to this group?<br />
i.e uninstall and install software only, thats all i want him to do really<br />
<br />
cheers
</div>


<div>
<div class="content wysiwyg-content">
Hi all,<br />
<br />
quick one here, <br />
<br />
we have a IT junior now in our office and ive created him a seperate account to install and uninstall software, i put &nbsp;the new account in the administrators group, this lets him install but not uninstall<br />
<br />
what rights does he need to do both?<br />
<br />
also if it is domain admin, how can i prohibit him rdping in this account to the servers?<br />
<br />
Thanks
</div>
</div>


Hi all,

quick one here, 

we have a IT junior now in our office and ive created him a seperate account to install and uninstall software, i put  the new account in the administrators group, this lets him install but not uninstall

what rights does he need to do both?

also if it is domain admin, how can i prohibit him rdping in this account to the servers?

Thanks

user rights to uninstall and install on a domain, do they have to be domain admin? administrator wont enable uninstall...

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.