Re: Permissions for Administrators
Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance
Anything you can do as a domain admin to lock down a domain admin, they as
domain admins can undo.
If you can't trust them the don't need to be domain admins.
hth
DDS
"WadeBart" <WadeBart@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8ED1B31C-288D-4A59-9DAC-A1166436AD1E@xxxxxxxxxxxxxxxx
I wanna to take away the ability of Domain Admins (Windows 2003 AD) to
delete
anything in Active Directory. They will still retain all the other rights
that an Administrator normally has but I don't want them to be able to
delete
things. Is there any way to do this natively or do I need to look at a
3rd
party solution?
.
Relevant Pages
- Re: Controlling IT manager access?
... him he as a domain admin can undo. ... trust Him/her". ... The benefits package we ...
(microsoft.public.windows.server.security) - Re: C$ D$ ...
... I'm not sure I can trust the admin. ... >> If it's private then why not encrypt it? ... there are several ways a domain admin could attempt to gain ... If you think PGP is secure, ...
(microsoft.public.win2000.security) - Re: Accountability of Domain Admins
... > I'm in a situation were there's more than one Domain Admin (including ... > me) and there are some trust issues coming up. ... use seperate admin accounts for each person (e.g. no one uses the generic ... Kazaa - Software update services for your Viruses and Spyware. ...
(microsoft.public.windows.server.security) - Re: Trusts
... Joe Richards Microsoft MVP Windows Server Directory Services ... > I use an application on the NT40 domain that needs Domain ... > call it ADMIN01) needs domain admin rights on the WIndows ... >>You can't only trust one user, ...
(microsoft.public.win2000.active_directory) - Re: Trusts
... I use an application on the NT40 domain that needs Domain ... call it ADMIN01) needs domain admin rights on the WIndows ... >You can't only trust one user, ...
(microsoft.public.win2000.active_directory) |
|
