Re: AD to desktop Permissions problem
- From: "Laura E. Hunter [MVP]" <laurahcomputing.nospam@xxxxxxxxx>
- Date: Mon, 19 Mar 2007 11:40:04 -0400
Let's begin straight off with this: you can add the fac member's domain
account to the local administrators group on her workstation without making
her a Domain Admin. The former proffers admin rights to a single
workstation, the latter to your entire domain. I would sooner set my hair on
fire than make a user a DA to address a local application problem; it's a
horrific idea and one that should not have been implemented even as a
temporary workaround.
To troubleshoot the individual application issues, you can use filemon and
regmon to determine which files and registry keys the user is unable to
access as a Standard User. These tools are available as a free download
here: http://www.microsoft.com/technet/sysinternals/default.mspx
HTH
--
-----------------------
Laura E. Hunter
Microsoft MVP - Windows Server Networking
Author: _Active Directory Consultant's Field Guide_
(http://tinyurl.com/7f8ll)
Author: _Active Directory Cookbook, Second Edition_
(http://tinyurl.com/z7svl)
<chris.ftcc@xxxxxxxxx> wrote in message
news:1174315064.616322.238940@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,
I am not a Windows server guru by any means; I was thrown into this
position and had to play the "figure out yourself game for six months
now" I am at a school that has AD setup and has two groups of
users...students and faculty....both are just set up as domain users
and users. The problem I have is a strange one...One of the technical
assistants had to reinstall Windows on the hard drive of a previously
crashed computer. She joined the computer to the domain using the
admin account; and installed all of the programs necessary for the
faculty member to have. The problem is, when the faculty member logs
in and tries to run her programs, it says she does not have sufficient
rights to do so. Before her hard drive crashed, she did not have any
special privileges that would give her any extra authority to run
stuff on her machine. Her account is setup just as all of the faculty
members are setup and none of the other members have trouble running
their programs...I even deleted her account and copied one of the
other members accounts so that everything was identical; Still no
success; she cannot run any of her programs on her local machine
without getting the message of insufficient privileges...Temporarily,
I made her a member of the Domain Admins group to circumvent this, but
this is not how I want things to be set up...(security nightmare)...So
based off of the info, is there anyone that knows where I can look to
fix this issue?
Thank you in advance for your time.
.
- Follow-Ups:
- Re: AD to desktop Permissions problem
- From: chris . ftcc
- Re: AD to desktop Permissions problem
- References:
- AD to desktop Permissions problem
- From: chris . ftcc
- AD to desktop Permissions problem
- Prev by Date: Re: Resize partition on Windows 2003 server urgent!!!!
- Next by Date: Re: Can I have multiple password policies?
- Previous by thread: AD to desktop Permissions problem
- Next by thread: Re: AD to desktop Permissions problem
- Index(es):
Relevant Pages
|
