Allow user access to just one server

I need to give access to a remote user and allow them administrative access to just one server on my Windows 2003 network.  That server is also a Windows 2003 server.  What is the best way to do this?
LVL 1
Lanee KirbyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Joseph MoodyBlogger and wearer of all hats.Commented:
Add them to the administrators group and enable remote desktop.
0
Joseph MoodyBlogger and wearer of all hats.Commented:
That would be the local administrators group of the domain member server.
0
AnuroopsunddCommented:
If you just want to give access to one server.. you can add that user to local administrator group.

If the user is not part of the Domain then you can create a local account on that system and share account information.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

bigeven2002Commented:
Hello,

The way we've done it is on the 2003 server itself, go to Start and right-click on My Computer and select Manage.  In the Computer Management window, on the left pane, expand Local Users and Groups and highlight Groups.  On the right pane, double-click Adminstrators.  In the properties window, click Add and add the remote user to the list, then Apply.  If the user is already logged in, they will need to logoff first for the change to take effect.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bill_lynchCommented:
Greetings:

I'd also lock it down on the AD side, i.e. allow the AD account to only log into one computer:'

In AD, on the user properties on the account tab, click the LogOnTo button then click the following computers and select the computer you want the user to be limited to.
0
ChiefITCommented:
What are you trying to allow this person to do on your AD domain controllers?

If you need help like this, you should do a netmeeting and allow them to control the desktop. BUT, monitor everything they do.

On an AD server, there is NO local administration. So, you can't have them logon as a local admin.

You can add them to remote desktop, but what permissions are you going to give them as a remote desktop user?

Personally, I would fix things on my AD all by myself and tell that person who wants access to take a flying leap.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.