Solved

Allow user access to just one server

Posted on 2012-04-13
6
339 Views
Last Modified: 2012-04-16
I need to give access to a remote user and allow them administrative access to just one server on my Windows 2003 network.  That server is also a Windows 2003 server.  What is the best way to do this?
0
Comment
Question by:Lanee Kirby
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 37842822
Add them to the administrators group and enable remote desktop.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 37842825
That would be the local administrators group of the domain member server.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37842829
If you just want to give access to one server.. you can add that user to local administrator group.

If the user is not part of the Domain then you can create a local account on that system and share account information.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 17

Accepted Solution

by:
bigeven2002 earned 250 total points
ID: 37842839
Hello,

The way we've done it is on the 2003 server itself, go to Start and right-click on My Computer and select Manage.  In the Computer Management window, on the left pane, expand Local Users and Groups and highlight Groups.  On the right pane, double-click Adminstrators.  In the properties window, click Add and add the remote user to the list, then Apply.  If the user is already logged in, they will need to logoff first for the change to take effect.
0
 
LVL 9

Assisted Solution

by:bill_lynch
bill_lynch earned 250 total points
ID: 37843603
Greetings:

I'd also lock it down on the AD side, i.e. allow the AD account to only log into one computer:'

In AD, on the user properties on the account tab, click the LogOnTo button then click the following computers and select the computer you want the user to be limited to.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 37845523
What are you trying to allow this person to do on your AD domain controllers?

If you need help like this, you should do a netmeeting and allow them to control the desktop. BUT, monitor everything they do.

On an AD server, there is NO local administration. So, you can't have them logon as a local admin.

You can add them to remote desktop, but what permissions are you going to give them as a remote desktop user?

Personally, I would fix things on my AD all by myself and tell that person who wants access to take a flying leap.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question