dee30
asked on
helpdesk to local admin group best practice?
I want to add helpdesk group with one help desk member to a set of local admin group for some station on the domain. (2008 AD but 2003 domain func level and stations are xp win7 x32 and x64 on the win7. )
best route:
computer config - restricted groups. applying to comp ou
user config - gpo with local users and groups gpp. applying to user
Delegation - on the ou the helpdesk group is part of along with the computers? this one i'm not sure about.
Looking for best insights and specifics on computer vs user config being where to setup the gpo/gpp/delegation on.
Thx
best route:
computer config - restricted groups. applying to comp ou
user config - gpo with local users and groups gpp. applying to user
Delegation - on the ou the helpdesk group is part of along with the computers? this one i'm not sure about.
Looking for best insights and specifics on computer vs user config being where to setup the gpo/gpp/delegation on.
Thx
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
great... Speco1 this is the opinion/weigh in i was looking for. I've used GPP in the past and wondering which is truly the best practice or easiest or better method.
the restricted group route is applied to computer with ou of the computers correct? Regardless I'll review the links. Mostly win7 at this time but will need it to work for some xp too. thx
the restricted group route is applied to computer with ou of the computers correct? Regardless I'll review the links. Mostly win7 at this time but will need it to work for some xp too. thx
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you again.
http://www.frickelsoft.net/blog/?p=13
Group policy preferences can also be used http://www.grouppolicy.biz/2010/01/how-to-use-group-policy-preferences-to-secure-local-administrator-groups/
Please test first so you get a feel for it.
Thanks
Mike