Re: Group Domain Admins cannot be found
- From: "Bruce Sanderson" <bsanders@xxxxxxxxxxxxxxxx>
- Date: Sun, 22 Mar 2009 16:16:18 -0700
Instead of adding the group to Domain Admins, which means that the members will also be able to administer the Active Directory, servers etc., consider adding the group to the local Administrators group on the workstations using Restricted Groups in seperate GPO linked to the OU that has the computers you want them to be able to install Kix on.
Restricted Groups are in Computer Configuration, Windows Settings, Security Settings. Use the "This group is a member of:" part of " Configure Membership for..." dialog box.
After Kix is installed, you could remove the user accounts from that group, or your Kix installation script could remove from the local Administrators group.
--
Bruce Sanderson
http://members.shaw.ca/bsanders
It is perfectly useless to know the right answer to the wrong question.
"SteveB" <SteveB.3pcm3b@xxxxxxxxxxxxx> wrote in message news:SteveB.3pcm3b@xxxxxxxxxxxxxxxx
I am trying to add a group (Global Security group) I have created in the
Users container to the Domain Admins group which is is in the same
container, but when I try to add it on the "Member of" tab, Check names
is unable to find the group Domain Admins. The group definitely exists.
Object types it is looking for are Groups or Built in security
principals. Location is BLAHBLAH.dom. I have tried changing the
Location all the way down the tree to the actual Users container and it
still cannot find the group.
I have also tried to add this in the opposite direction by choosing the
Domain Admins group and trying to add my group as a member but same
thing, cannot find the group.
Any ideas please??
The reason I am trying to do this is to use a group temporarily to be
added to local machine admins for an install using Kix.
The group has to be in the Domain Admins group to be able to add itself
to a local machine Administrators group. the script then installs the
software and then removes my group from the local administrators group.
I know it can work as I have just used the same procedures and scripts
on one of our other domains and succesfully installed Office 2007 across
the domain.
What could be the difference in this domain to the other one??
This Domain does use separate containers for the different departments
whereas the other domain was set up with everyone in the Users
container,but my group is in the standard Users container along with the
Domain Admins group, they just can't see each other!
--
SteveB
------------------------------------------------------------------------
SteveB's Profile: http://forums.techarena.in/members/61824.htm
View this thread: http://forums.techarena.in/active-directory/1144660.htm
http://forums.techarena.in
.
- References:
- Group Domain Admins cannot be found
- From: SteveB
- Group Domain Admins cannot be found
- Prev by Date: Re: offline KB 810859
- Next by Date: Re: net logon service not running
- Previous by thread: RE: Group Domain Admins cannot be found
- Next by thread: Re: Group Domain Admins cannot be found
- Index(es):
Relevant Pages
|
