Re: Domain Admin Share
- From: KingBuzzo <KingBuzzo@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 5 Jul 2006 12:51:02 -0700
Domain Admins have special rights to the domain by default.
Administrators only have rights to the DC.
"Paul Bergson" wrote:
Check the shares I don't think domain admins don't have access by default..
--
Paul Bergson MCT, MCSE, MCSA, Security+, CNE, CNA, CCA
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"KingBuzzo" <KingBuzzo@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8630C6E6-3D2E-4975-8214-4A74258C3BF6@xxxxxxxxxxxxxxxx
We want to be able to connect to the admin share on any pc in the old
domain.
I believe that only the NT Domain Admins have that right by default.
We can open User Manager and do some administrative stuff but it still
asks
for credentials when you try to connect to an admin share.
"Paul Bergson" wrote:
I'm not sure I understand your question, but if the AD domain admins have
admin rights on the box in question they should be able to administer the
share or create/delete it.
--
Paul Bergson MCT, MCSE, MCSA, Security+, CNE, CNA, CCA
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"KingBuzzo" <KingBuzzo@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E08E7A28-111C-4CEC-8474-F779C13FE294@xxxxxxxxxxxxxxxx
Ok, I was able to add the Domain Admins from the AD Domain to the
Administrators NT Group. Now I can administer the NT Domain but I
still
have
the issue of connecting to any admin share in the old domain.
I understand that only the Domain Admins NT Group has this right.
Is there another way to do this?
"KingBuzzo" wrote:
That sounds easy enough.
However, when I go to add users to the NT Domain Admins Group, I only
see
a
list of the NT Domain Users and it doesn't give me an option to select
another domain.
Do I have to add them to a local group first or use the command line?
Thanks!
"Paul Bergson" wrote:
Just add the domain admins to your NT admins group. When you go to
add
members be sure to select the 2003 domain. That is all there is to
it.
--
Paul Bergson MCT, MCSE, MCSA, Security+, CNE, CNA, CCA
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"KingBuzzo" <KingBuzzo@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F336780C-A67F-462C-9E71-4466FA7B17D3@xxxxxxxxxxxxxxxx
Hi Fellas:
I am testing the following scenario:
Domain A is W2K3 AD.
Domain B is NT4.0
I am using ADMT to migrate my users from the old domain to the new
domain
in
stages.
If I migrate my Admins from Domain B to Domain A, how can they
effectivly
manage Domain B during the staged migration. How will they be
able
to use
the NT domain tools or connect to an admin share without
authenticating
everytime.
I have already set up to two way trust but I cannot grasp how to
add
the
AD
Domain Admins group to the NT Domain Admins group.
Thanks!
- References:
- Re: Domain Admin Share
- From: Paul Bergson
- Re: Domain Admin Share
- From: KingBuzzo
- Re: Domain Admin Share
- From: Paul Bergson
- Re: Domain Admin Share
- From: KingBuzzo
- Re: Domain Admin Share
- From: Paul Bergson
- Re: Domain Admin Share
- Prev by Date: Re: 2 AD domains on same server possible?
- Next by Date: Re: adding a DC to an existing SBS 2003 domain
- Previous by thread: Re: Domain Admin Share
- Next by thread: Re: KCC connections for replication
- Index(es):
Relevant Pages
|
