|
Posted by Steven L Umbach on September 27, 2005, 7:07 pm
If you were Registered and logged in, you could reply and use other advanced thread options
If all you want to do is to manage access to files/folders then modify share
and ntfs permissions for the users that need access which could be regular
domain users assuming you are not talking about the administrative shares
such as C$. If you want the user to install applications on a domain
controller then they would need to be an administrator for the domain unless
the application is a .msi package that can be published via Group Policy
Software Installation. If you could be more specific on exactly what you
need these users to do someone on this newsgroup could probably be of
lp. --- Steve
> Hello:
>
> I need to know if there is a way to give admins the rights they need
> to
> the domain/files and folders on DC's and servers without granting them GOD
> rights? Is there a best practice out there or has anyone done it.
> Basically
> we don't want to put any Admin into the Domain Admin Group, instead create
> a
> group that gives them the folder/file, and disk rights they need to do the
> job of a network administrator. Is there a case study or anything of that
> nature that will help us define those rights and privs? Any help would be
> appreciated, thanks.
| 
XML site map