Add additional domain group to local admins groups?
- From: "Valkan" <spam#npspam.com>
- Date: Wed, 22 Mar 2006 21:33:39 -0800
Is using "restricted groups" the only way to automate adding additional
groups other than just "domain administrators" to the local administrators
on all domain workstation?
We would like to have a group with members that are local admins on all
workstations and also have the right to add and remove machines names to the
domain, but not be domain admins.
I have heard that there is some hotfix that was needed to prevent restricted
groups created from a GPO from flushing out the existing local admins on the
machines.
I was told this is that patch even though it doesn't actually say on the
page that's what it does.
http://support.microsoft.com/default.aspx?kbid=810076
We need to add new default local admins without removing the local admins
already on the machines (assigned users need to keep their admin rights in
order to run some apps on their PCs).
Would that hotfix have to be run on every machine on the domain or only on
the machine that was used to create the GPO?
.
- Follow-Ups:
- Re: Add additional domain group to local admins groups?
- From: Roger Abell [MVP]
- Re: Add additional domain group to local admins groups?
- From: Florian Frommherz
- Re: Add additional domain group to local admins groups?
- Prev by Date: Re: 2003 SBS Group Policy Question
- Next by Date: Re: Add additional domain group to local admins groups?
- Previous by thread: Default Location for GPO's
- Next by thread: Re: Add additional domain group to local admins groups?
- Index(es):
Relevant Pages
|
