Re: Domain administrator local admin on every machine
- From: "Pegasus \(MVP\)" <I.can@xxxxxxx>
- Date: Sun, 3 Sep 2006 23:26:37 +1000
<g18c@xxxxxxxxxxx> wrote in message
news:1157289268.325199.94760@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
If you knocked yourself out then you have to put yourself back
into this group.
Thanks for the prompt reply. I've inherited a network of 20 pcs, and
for some reason even though ive added myself to domain admins group im
still locked out. Furthermore once i setup the domain admins i want to
disable all local accounts, or at least prevent login to local
accounts.
Is there anyway i can read-add domain admins to the local
administrators group? By default should i see them listed under the
comuter management -> users tab?
Cheers,
Chris
GUIS are great for users but I prefer to use Command Line
commands - they are often much faster. I gave you most of
the command in my previous note. All you need to do is to
expand it for your current requirement.
You should not have any local accounts other than "Administrator"
plus a backup admin account for times of trouble. Simply remove
the other accounts (but leave the system accounts in place) - this
will prevent people from logging on locally. And change the
password too while you're at it!
net user xxx /del
net user Administrator SomeStrongPassword
net user BackupAdmin SomeStrongPassword /add
net localgroup Administrators "Domain Admins" BackupAdmin /add
.
- References:
- Domain administrator local admin on every machine
- From: g18c
- Re: Domain administrator local admin on every machine
- From: Pegasus \(MVP\)
- Re: Domain administrator local admin on every machine
- From: g18c
- Domain administrator local admin on every machine
- Prev by Date: Re: Domain administrator local admin on every machine
- Next by Date: Re: How can i enable "remote desktop" with telnet utility?
- Previous by thread: Re: Domain administrator local admin on every machine
- Index(es):
Relevant Pages
|
