finance_teacher
asked on
Local Admin User -- deny additional local admins ?
How can I do something like the below "DESIRED"
solution without allowing step #6+ to happen since
I want to FORCE users to login as POWERUSER when doing
installs to help prevent accidentally installing
something without being aware of it (i.e. virus) ?
Server = Windows Server 2012 R2 with AD
Client = Windows 10 Pro
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- --
Current
1. user gets error message when
trying to install something
2. user calls me
3. I DameWare into machine
4. I login to Windows 10 Pro as me
5. I do the install
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- --
Desired
1. user gets error message when
trying to install something
2. user logs into Windows 10 Pro
as "USER=POWERUSER, PASS=something"
3. user does install
4. user logs back into
their regular account
5. install works
6. user does above desired step #2 again,
doing the below to grant their
USER=LastNameFirstInitial ADMIN
rights all the time
** Control Panel
** Administrative Tools
** Computer Management
** Local Users and Groups
** Groups
** Administrators
** Add
** USER=LastNameFirstInitial
solution without allowing step #6+ to happen since
I want to FORCE users to login as POWERUSER when doing
installs to help prevent accidentally installing
something without being aware of it (i.e. virus) ?
Server = Windows Server 2012 R2 with AD
Client = Windows 10 Pro
--------------------------
Current
1. user gets error message when
trying to install something
2. user calls me
3. I DameWare into machine
4. I login to Windows 10 Pro as me
5. I do the install
--------------------------
Desired
1. user gets error message when
trying to install something
2. user logs into Windows 10 Pro
as "USER=POWERUSER, PASS=something"
3. user does install
4. user logs back into
their regular account
5. install works
6. user does above desired step #2 again,
doing the below to grant their
USER=LastNameFirstInitial ADMIN
rights all the time
** Control Panel
** Administrative Tools
** Computer Management
** Local Users and Groups
** Groups
** Administrators
** Add
** USER=LastNameFirstInitial
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.