Group Policy and restricting local administrators
- From: "Daniel" <ddarting@xxxxxxxxx>
- Date: 18 Aug 2005 20:32:35 -0700
Greetings,
I am currently working on developing a group policy on a AD container
of servers. I certain users to have virtually local administrator
access to a series of servers, but there are a few things I do not want
them to be able to do. Namely:
1) Not be able to access User Management at all.
2) Not be able to remove entries in the event logs.
I have been successful--using the group policy editor--in limiting
users inside of a container from be able to access the User Management
and Event Viewer MMC snap-ins, but the problem is that is applies to
every system they are on (since those items are under User Settings I
gather). And ideally, I still want these users to be able to view the
event log. But I want them to apply to the systems in the
container...no matter who logs on...except the local administrator
account or of course the domain admin.
I think I am not going about this correctly and I am not terribly
familar with group policy. But I am quite certain it is possible to do
this.
Any assistance is greatly appreciated.
--Daniel
.
- Follow-Ups:
- Re: Group Policy and restricting local administrators
- From: Todd J Heron
- Re: Group Policy and restricting local administrators
- Prev by Date: Re: After SP1 windows cannot see other computers on network.
- Next by Date: Server Stop Error
- Previous by thread: P2p conversion
- Next by thread: Re: Group Policy and restricting local administrators
- Index(es):
Relevant Pages
|
