Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 202
  • Last Modified:

Delegating control of a single windows 2003 server in a domain

We have regional centers and each regional center has a local DC. We have a tech at each regional center and I am wondering what would be the easiest way to give him "local" administrative privileges on the DC. I do not want to make him a domain admin. I would normally do this by going into Computer Management and assigning him to the local administrator group but this being a DC that is not an option. Any feedback is appreciated.
0
J C
Asked:
J C
2 Solutions
 
Mike KlineCommented:
What kinds of things do you need him to do, unfortunately there is no easy way to be a full admin on a DC short of making them builtin admins/domain admins.    

Thanks

Mike
0
 
J CAuthor Commented:
To be able to start/stop services.
0
 
SandeshdubeyCommented:
You can delegate control to non admin account to perform certain admin acitivity like reset password,create user,delete user,etc.

To delegate rights to control the sytem service:
http://www.windowsitpro.com/article/permissions/how-can-i-delegate-permission-for-a-user-or-group-to-control-certain-services-

0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now