thank you very much for the info.. This is the same solution I have in
place right now.. But I am curious, why this was never the case in
windos 2000 AD? I did not have to do anything in active directory nor
used restricted groups in order to keep a user in the local admin
group?
thanks
On Sun, 28 Oct 2007 16:15:49 +0000 (UTC), Meinolf Weber
<meiweb(nospam)@gmx.de> wrote:
>Hello El,
>
>It is the same solution like for 2000, use Restricted groups:
>http://www.windowsecurity.com/articl...ed-Groups.html
>
>Best regards
>
>Meinolf Weber
>Disclaimer: This posting is provided "AS IS" with no warranties, and confers
>no rights.
>** Please do NOT email, only reply to Newsgroups
>** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm
>
>> Hello,
>>
>> back in the 2000 AD era, I was ablet to manually add a domain user to
>> the Local admin group in certain domain pc. This was sort of a
>> requirement for certain users eg, laptop users that needs to have more
>> than average user control of their pc. However, after I upgraded my
>> domain controller to AD 2003, I am not able to do so. I can add the
>> user but then it gets overwritten by the default domain policy?.
>>
>> I have gone though each policy and cannot find an entry where it tells
>> the domain to over write any exisiting local administrator account.
>>
>> Has anyone encountered this issue before? Any help / input in this
>> matter is hughly appreciated.
>>
>
Similar Threads
Linear Mode
