Re: administrator on box also on domain?
- From: "Paul Bergson" <pbergson@xxxxxxxxxxxxxxxxx>
- Date: Wed, 10 Aug 2005 08:00:09 -0500
A local John.Doe cannot do anything in the domain, he would have NO domain
rights or permissions.
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
This posting is provided "AS IS" with no warranties, and confers no rights.
"Larry D" <ldempsey@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:u%23bVMmVnFHA.2904@xxxxxxxxxxxxxxxxxxxxxxx
> That is what I am trying to figure out. If I add John Doe to the
> administrators group at the PC then it shows something like:
>
> administrator
> domain_name\Domain Admins
> domain_name\John.Doe
>
> But if I add John Doe as a user first, then go into the local
> administrator's group I can add him and it looks like:
>
> administrator
> John.Doe
> domain_name\Domain Admins
>
> So my question is, what is the difference as far as permissions and rights
> for 'domain_name\John.Doe' as an administrator and just 'John.Doe' as an
> administrator? Therein lies my quandry...
>
> Larry
>
>
> "bob" <someone@xxxxxxxxxxxxx> wrote in message
> news:ealuwEVnFHA.3828@xxxxxxxxxxxxxxxxxxxxxxx
>>
>> "Larry D" <ldempsey@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:Olyt9rUnFHA.1480@xxxxxxxxxxxxxxxxxxxxxxx
>>> My last job we had a Power Users group on the AD domain and all users
>>> were
>>> in it, except for the IT department, and the users were locked down
>>> pretty
>>> tight. My new job does it differently, no polices in force, install what
>> you
>>> want. In AD all users are in the domain users group, but at the PC the
>>> IT
>>> people would go in to Computer Management and add the user of that PC to
>> the
>>> Administrators group on the domain. They want the users to be admins of
>> the
>>> box so they can install software, printers, etc. Adding them as admins
>>> on
>>> the box does not make them appear in the admin group in AD, so I am not
>> sure
>>> if it is the same thing or not. I know you can add the user to the users
>>> group then add him to the admin group on the box and that is definitely
>>> a
>>> local issue, but what about the other?
>>>
>>> TIA, Larry
>>>
>>>
>>
>> Hi Larry,
>> Are you confusing the Administrators group on the workstation with the
>> Domain Administrators Group in AD?
>> The Domain Administrators group on the Domain is made a memebr of the the
>> local Administrators group when the workstation joins the active
>> directory
>> domain.
>> Any user who is a memebr of Domain Administrators can then administer any
>> box
>> In my company we want the user of the PC to be an administrator of their
>> own
>> PC and nothing else, so we add the user to the local Administrators group
>> only.
>>
>> Hope this clears things up
>>
>> Bob
>>
>>
>
>
.
- Follow-Ups:
- Re: administrator on box also on domain?
- From: Victoria Bolton
- Re: administrator on box also on domain?
- From: Hutch
- Re: administrator on box also on domain?
- References:
- administrator on box also on domain?
- From: Larry D
- Re: administrator on box also on domain?
- From: bob
- Re: administrator on box also on domain?
- From: Larry D
- administrator on box also on domain?
- Prev by Date: Re: Base distinguished name (DN)
- Next by Date: RE: group policies for "students"
- Previous by thread: Re: administrator on box also on domain?
- Next by thread: Re: administrator on box also on domain?
- Index(es):
Relevant Pages
|
