Re: granting admin access to windows services
- From: "Paul Bergson [MVP-DS]" <pbbergs@xxxxxxxxxxxxxx>
- Date: Mon, 8 Jun 2009 07:08:07 -0500
Yeah, we use these in our dmz's.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"pber" <pber@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:83144D08-9055-4438-8602-D0A2370D5622@xxxxxxxxxxxxxxxx
Alternately to using GPOs and having to deal with extra WMI
filters/Security
Filters/OUs/documentation, you could use Security Templates using the same
config settings as the GPO and just applying that template to the required
servers.
I have used this method numerous times as I would rather keep my GPOs
lean.
"Paul Bergson [MVP-DS]" wrote:
Marcin,
I have not seen this approach before and will have to think how this
could
help my enterprise. But I worry how additional gpo's could build but I
like
the built in documentation.
Nice tip.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"Scott" <scottfranks@xxxxxxxxxxxxxxx> wrote in message
news:uChefJU5JHA.1712@xxxxxxxxxxxxxxxxxxxxxxx
thanks for the quick reply.
I dont think i have the skill set to write the scripts/commands to make
these tools work. Do you know if there is a site that would have a
script
developed and all i would have to do is fill in the blanks?
"Paul Bergson [MVP-DS]" <pbbergs@xxxxxxxxxxxxxx> wrote in message
news:eGsFb3T5JHA.140@xxxxxxxxxxxxxxxxxxxxxxx
We use setacl from sourceforge along with sc.exe command. SetACL
allows
you to set acl's on the service itself.
example
sc \\server stop "servicename"
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This
posting is provided "AS IS" with no warranties, and confers no rights.
"Scott" <scottfranks@xxxxxxxxxxxxxxx> wrote in message
news:%23xWpKqR5JHA.1420@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
I need to grant a couple of users permission to access a servers
window
services and be able to start/ restart or stop any windows service.
We
do not want them to use RDP, we don't want to give them local admin
access or to use a generic admin account, perferably just their
domain
account.
This would enable them to do first level support on a application
without involving IT .
Any ideas?
thanks,
Scott
.
- References:
- granting admin access to windows services
- From: Scott
- Re: granting admin access to windows services
- From: Paul Bergson [MVP-DS]
- Re: granting admin access to windows services
- From: Scott
- Re: granting admin access to windows services
- From: Paul Bergson [MVP-DS]
- Re: granting admin access to windows services
- From: pber
- granting admin access to windows services
- Prev by Date: Bulk create new security groups
- Next by Date: Re: AD transition from w2k3 std to w2k3 std R2
- Previous by thread: Re: granting admin access to windows services
- Next by thread: 1 of 2 domain controllers down and users cannot login to the domai
- Index(es):
Relevant Pages
|
Loading
