Secure Domain Contollers at Branch Offices
- From: Bob Smith <BobSmith@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 12 May 2008 15:10:05 -0700
We need to reduce the number of users in the Domain Admins group. We are
running Windows 2003 and are not looking to move to the next release for a
while. We have multi-function domain controllers at a number of branch
offices. Administrators have been placed in the Domain Admins group to
administer these servers.
How can we remove admins from the Domain Admins group but still allow them
to perform daily operations tasks on these servers (restart services, setup
printers, logon locally, manage file security... etc). Has anyone come up
with a good security model for this without compromising security too much.
Thanks
.
- Follow-Ups:
- Re: Secure Domain Contollers at Branch Offices
- From: Jorge de Almeida Pinto [MVP - DS]
- Re: Secure Domain Contollers at Branch Offices
- From: Paul Bergson [MVP-DS]
- Re: Secure Domain Contollers at Branch Offices
- From: Al Mulnick
- Re: Secure Domain Contollers at Branch Offices
- Prev by Date: Remote Active Directory serving as a global catalog.
- Next by Date: Re: Remote Active Directory serving as a global catalog.
- Previous by thread: Remote Active Directory serving as a global catalog.
- Next by thread: Re: Secure Domain Contollers at Branch Offices
- Index(es):
Relevant Pages
|
Loading
