Re: Admin with no Rights to Active Directory
From: DebraH (DebraH_at_discussions.microsoft.com)
Date: 03/21/05
- Next message: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Previous message: Sreeram Bandakavi: "Recipient Policies Not working"
- In reply to: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Next in thread: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Reply: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 20 Mar 2005 18:27:03 -0800
For a help desk user, should I give them Server Operator rights? I need the
user to be able to start and shutdown server and run some services. I also
need them to manage DHCP.
"Joe Richards [MVP]" wrote:
> You can't, anyone who can make changes to services, files, etc on a DC can seize
> domain admin access rights and even Enterprise Admin rights. Do not let anyone
> but domain admins log into DCs.
>
> joe
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> www.joeware.net
>
>
> DebraH wrote:
> > How do I make someone an admin but take away their rights to making changes
> > within Active Directory? I would like to give a support user the ability to
> > logon to Domain Controllers to troubleshoot DHCP, DNS and some applications
> > that run on the server, but I do not want them to have the ability to make
> > changes to Active Directory (create or delete OUs, delete admins etc).
> >
> > Thanks
> > dhodgkins61@comcast.net
>
- Next message: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Previous message: Sreeram Bandakavi: "Recipient Policies Not working"
- In reply to: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Next in thread: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Reply: Joe Richards [MVP]: "Re: Admin with no Rights to Active Directory"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
