Adding local admin rights to a new computer when user has access on all other comps on the domain

Active Directory
Local Administrators Group
Server management
User account management
User Permissions
Hello All, Thanks for taking the time to help me with my problems as i am almost finish. I have two things left to accomplish for now and maybe a few more in the near future. My friends company had a Tech that recently passed away and I am trying to help him out with his business. I have done this type of work in the past but unfortunately it has been years ago so I am loosing my train of thought. These are the things I need help with 1.Adding local rights for all user which include 12 users. All users have roaming profiles. I had one computer that was being used and the individual had all access rights. Her computer was replaced with a laptop and now I am having trouble with installing software on her laptop but she is able to install on the other computers with her user ID and Password. The laptop will not allow her access rights to allow her to install software only on this one computer. So what I did I logged in as a domain admin, right clicked on my computer and went to manage. Then from there i selected local users and groups then I added her Domain Login ID to the administrator group. I was able to get auto cad installed successfully but when i insert a cd into the rom drive it will not auto run. I am able to manually right click on auto run and then the software will run. I spoke with a friend and he told me the way i added the user was incorrect. I need to know the proper steps to adding her as an administrator to the local machine on her remote location and on any other machine at the office location and get this auto run to work properly instead of manually. Can someone please provide me with a link to step by step instruction for adding local administrator rights to the remote location laptop and all he computers on the domain. I am not sure if I need to be doing something on the active directory side on the server or on each individual computer set up on the domain. i found a script that I can use but where do I install the script so it will auto run when she logged in from the remote location and local location. if i seem to be completely lost please help with step by step instruction. Thank you advanced as I really need some fellow support to get this company up and running again after their tragic loss. I dont have much time so the sooner the help the better. i thank you in advance for your time and efforts.

Answer Wiki

Thanks. We'll let you know when a new response is added.

You added the user correctly. I have no idea how else you would add someone to that local admin group.
The only other way to accomplish this would be to create an A/D group with local admin rights and add your user to this group. The net effect is the same, however, and as for assigning local admin rights on a system by system basis, I agree with MrDenny…
It depends on your intention. If you want people to be administators on any corporate Windows system that they log onto, then create a group in AD, add them to the group, create a GPO for your workstation OU to ensure that the group is a member of the local Administrators group. The policy for this has two modes, adding and overwriting. I suggest the mode to add the group.

This has the ssimplicity that you can pull an ID out of the group and you do not have to touch the systems.

Just ensure that you place all workstations in a common set of containers and apply the GPO.

This removes login scripts, direct touches to systems and other items from the equation.

If you want to get fancy, you can use WMI and group filters as well.

Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Exchange server 2007
    you can also do it through group policy . first make a group in AD and then add its members and then go to group policy under security settings and then restricted group just setup there that will make those user member of local admins
    605 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: