Register

Forgot Password

Site FAQ

Home > IT Answers > Microsoft Windows > Local Administrator Rights

Goofdru

0 pts.

Local Administrator Rights

Desktops, Management, Microsoft Windows, OS, Security, Servers, SQL Server

We have some Field Sups that are only at the office a few days then gone for months at a time. I am needing to assign Local admin rights to their Laptops while they are still logged into the Domain so that they keep the admin rights while out in the Field. I feel very stupid in asking this I should know. But, How do you assign those admin rights. I have created a local user through Computer Management and assigned it rights as admin. But of course he is logging in under his domain account. When he is away he still logs into the domain instead of the local machine because all of his offline files and settings are on that profile. We are running a Windows 03 SBS domain. No group policies. Thank you in advance.

Software/Hardware used:

ASKED: August 24, 2005 1:47 PM

UPDATED: August 25, 2005 10:25 AM

RELATED QUESTIONS

Answer Wiki:

While the laptop is connected to the network, assign that users Domain account to the Local Administrators group....

Last Wiki Answer Submitted: August 24, 2005 1:55 pm by Pitt10

0 pts.

All Answer Wiki Contributors: Pitt10

0 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Aug 25, 2005 6:58 AM (GMT)

Or use a group called Field Supps or something on the domain, add that to the local administrators, and add the domain account to field supps. That way you don’t have to fiddle with the laptops ever again.

Cptrelentless

0 pts.

POSTED: Aug 25, 2005 7:48 AM (GMT)

Thank you all for your comments. That was a huge help. I knew how to do it I just haven’t done it in a long time. Thank you.

Goofdru

0 pts.

POSTED: Aug 25, 2005 10:25 AM (GMT)

First Question:
What OS is installed on the laptops?
Second Question:
Do users log on to the laptops, while in the field, as their domain user all the time?

Assuming the answers are XP, AD, and domain accounts there are several ways you can solve your problem.

1) add their domain accounts to the local administrators group. This can be done manually or using a GPO with restricted groups.
2) either manually, through the local security policy, or with a GPO set the number of logons allowed before they need to contact a domain controller to something appropriate. The default is 10. Maybe the number should be around 60 if they are gone for several months.

Additional notes.
1) the idea of using a group “field SEs” is a good one… do it!!
2) local user accounts are hard to administer and confusing for users. Avoid them if possible.
3) resitricted groups will replace all other entries in the local group so give it some thought first and verify the scope of the GPO before you implement it.

Good Luck

CraigFox

0 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags