I am trying to configure an account for a remote office. There is a user in the office who can do most admin tasks, but we want to lock this user down so that they cannot do too much to affect the rest of the organization. I have been directed not to make this a sub-domain, which makes things a little difficult. There is a single server for this location, which is a domain controller as well as file server and back-up server. The user will definitely need to be able to add/remove software on this server, reset accounts for users in this office, possibly create/remove users in this office, and perform back-ups of the server. I would prefer not to have this person in the domain admins group. What are the minimum permissions required to perform these tasks? I would have no problem letting this person be an admin on this machine, but since it is a DC, they would have the same rights to all DCs, and I do not want that.