Solved

Is there a way to move users from the administrator group to the users group using group policy?

Posted on 2012-04-03
6
238 Views
Last Modified: 2012-04-03
Generally, a computer is deployed to a specific user and that individuals network account is added to the users group on the computer.  On occasion that account may have been added to the administrators group during set up and not moved back to the users group prior to deployment.  

Is there are way to move users from the administrators group to the users group using group policy on their respective computers?

In the past I was able to add the Domain Admin account to each computer's administrators group using the Restricted Groups node, on a domain wide group policy.  Is the process similiar to this?  I am worried that I will create a local account for all users on all computers.
0
Comment
Question by:LenCepeda
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 9

Accepted Solution

by:
Geodash earned 250 total points
ID: 37803251
Sounds like you want to use restricted groups.

Take a look at this...

http://www.petri.co.il/forums/showthread.php?t=25515


computer configuration \ windows settings \ restricted groups

group = your group to be made local admins
member of = BUILTIN\Administrators
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 125 total points
ID: 37803255
0
 
LVL 9

Assisted Solution

by:Geodash
Geodash earned 250 total points
ID: 37803256
Here is another good article talking about it...

http://www.pcreview.co.uk/forums/adding-group-user-local-admins-group-all-workstations-t3490156.html

although this one seems to explain the best -

http://www.frickelsoft.net/blog/?p=13
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 12

Assisted Solution

by:Deepu Chowdary
Deepu Chowdary earned 125 total points
ID: 37803262
yes, u can do that using the restricted groups feature in a GPO , use the MEMBERS option.

Check this

http://www.windowsecurity.com/articles/Using-Restricted-Groups.html
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 37803267
not sure how a forum discussion is considered an article
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37803274
I am sorry, I am unable to edit now because of your post. Should I retract my posting because I called it an "article" instead of a "discussion"?
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question