When a new user is added to our Active Directory database, by default, that user has access to all machines. Is there any way to change the domain policy so that, when a user is added, machines are added with this access level by default but, at the same time, deny this option for a second tier admin group? In other words, we have a group with their own admin who is coming into our group, and we would like to make it so this new admin cannot allow their users access to all of our machines.
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!