"S3" <S3@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:E779EEA8-5EBE-48F5-A646-A8F216AF9652@xxxxxxxxxxxxxxxx > I know we can use the Add the Adminsitrators security group to roaming
user
> profiles setting to give the Admins full access to profiles. My questions
is
> how can I substitute the Admnistrators security group for another security
> group. Is this value stored on the server registry somewhere? Can we
create
> an ADM template for this. Thanks!!
Yes.
But what are you REALLY trying to accomplish? (Rather than
how you think you might do that....)
SubInAcl.exe (reskit) will change an ACL to reference a different
group.
Add the Adminsitrators security group to roaming user profiles ... I know we can use the Add the Adminsitrators security group to roaming user...profiles setting to give the Admins full access to profiles. ... (microsoft.public.windows.server.active_directory)
Re: AD and DHCP ... > a member of the Enterprise Admins security group.... You only want very knowledgeable people to be a member of the ... (microsoft.public.win2000.active_directory)
Re: Domain admin rights across domains using 1 account ... I meant Local Admins.... Here's the ideia, by default Enterprise admins are members of every domain Local Administrators security group, but when you use the Enterprise Administrators, them any domain that is created or any other existing domain will give those rights to members of that group as well, so, by creating a security group and add those groups to local Admnistrators in the child domains will do the same thing but in a controlled way. ... (microsoft.public.windows.server.active_directory)
