Solved

Active directory user with admin rights for software installtion and support

Posted on 2014-03-25
4
32 Views
Last Modified: 2015-07-21
Dear Experts,

I need to deal with IT departments all the time with admin rights for our software installation.

I need to get them to create an OU with the machine and user for our company that has admin rights. The trick is to have the admin rights just for the software installation and not be a security threat to the rest of the domain.

I spoke to the software vendor and they recommend to install the software as a domain admin.

Obviously that creates problems with the clients IT department.

Can you send me a link with the active directory instructions for what I want to do. I need the actual important steps for this please.

I am aiming at having the sales team add this to our documentation.

Regards,

M
0
Comment
Question by:marceloNYC
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:vmagan
ID: 39953793
why  not create the OU and only provide local admin rights if the software is being installed on PCs?

You can push local admin rights down to the OU doesn't need to be admin rights if all you are doing is installing software on the pcs.
0
 

Author Comment

by:marceloNYC
ID: 39953812
As per the vendor it is ideal to install the software with domain admin right because of some data base accounts that are created for the software. The software has to have ms sql express installed as well. Something like that I was told.
0
 
LVL 6

Accepted Solution

by:
vmagan earned 500 total points
ID: 39954046
take a look at this on how to limit the domain admin. Let me know what you think.

http://serverfault.com/questions/83686/how-to-create-a-limited-domain-admin-that-does-not-have-access-to-domain-contr
0
 

Author Comment

by:marceloNYC
ID: 39954082
Let me tested and I will get back to you. I need a couple of days please.

Thanks!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Azure Active Directory 3 90
Cannot access RDP (AD 2012) 6 46
IE 11 proxy GPO 1 38
Password change / expire 4 39
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question