TechRepublic|Forums|Networks

Networks

Question

  • Creator
    Topic
  • April 17, 2007 at 3:34 pm #2261993

    Delegate ability to add computer to domain and full control of workstations

    Locked

    by truwarrior22 · about 17 years ago

    If there away to give a group of help desk personal full access to workstations and the ability to add computers to the domain? Not sure what the best way to go about this is. Was thinking of createing a helpdesk security group and using the delagation wizard, but I’m not sure how I can have them have full control of the PC with out being able to logon to the servers. Thank you in advanced for any advice!

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Answers

  • Author
    Replies
    • April 17, 2007 at 3:34 pm #2531477

      Clarifications

      by truwarrior22 · about 17 years ago

      In reply to Delegate ability to add computer to domain and full control of workstations

      Clarifications

    • April 17, 2007 at 9:34 pm #2531411

      delegate and …

      by lowlands · about 17 years ago

      In reply to Delegate ability to add computer to domain and full control of workstations

      Delegate the right to add workstations to the domain in AD. To give admin permissions on the PC’s themselves you’ll have to add the Helpdesk group to to local administrators group on the PC(‘s).

      • April 18, 2007 at 7:40 pm #2530913

        Quick way to add group?

        by truwarrior22 · about 17 years ago

        In reply to delegate and …

        Makes since, but is there a quick way to add a help desk group to the local administrator group without touching each PC? Thank you!

        • April 18, 2007 at 8:45 pm #2530884

          a logon script

          by lowlands · about 17 years ago

          In reply to Quick way to add group?

          would probably be your best option. If you use AD, you can push the script with a group policy

        • June 13, 2007 at 11:18 am #2586365

          Use a group policy to assign local admin rights

          by mkanakos · about 16 years, 10 months ago

          In reply to a logon script

          you can assign users to the local admins group of domain PC’s via Group Policy.

          I made a new GPO and named it local admin rights on desktops. In GPO settings goto Computer Config > Windows Settings > Security Settings > Restricted Groups. Add the domain group you want to be added to the local admin group and you’re all set.

          Don’t forget to link the GPO to the correct OU / site /domain.

    • June 13, 2007 at 11:56 am #2586345

      Delegation Wizard

      by taboga · about 16 years, 10 months ago

      In reply to Delegate ability to add computer to domain and full control of workstations

      Another option:

      1. Create a Security Group and add the users. Open ADUC. Go to the Domain Level, ex: abc.com. Right-click and delegate control. Add your group and choose – next. Under the list of common tasks, choose: Join a computer to the domain.

      2. Create an OU, place any/all computers in the OU that you want managed by the group. Grant the group the admin rights to the objects in that OU.

    • June 14, 2007 at 8:41 pm #2585238

      SMS

      by truwarrior22 · about 16 years, 10 months ago

      In reply to Delegate ability to add computer to domain and full control of workstations

      Actually I ended up creating a batch file that deployed sms which added a group named “helpdesk” to the local admin group. Thanks for the help!

    • May 30, 2008 at 1:13 am #2451690

      I am facing the same problem

      by ziqbal452 · about 15 years, 10 months ago

      In reply to Delegate ability to add computer to domain and full control of workstations

      Dear Fellows,
      i am also facing the same problem and i want to implement the same case in my Lab. Did any one solve this problem ???

      “Delegate ability to add computer to domain and full control of workstations”

      plz reply me and thank x in advance

      Zafar

  • Author
    Replies
Viewing 4 reply threads