I have a 2008 r2 server on a domain.
I have an account on this box that needs to be an administrator but I do not want them to install programs. They need to be an administrator to migrate data in user accounts. If I make them a user it is extremely tedious to give them the proper permissions.
How can I accomplish this?