Local Administrator Rights

Microsoft Windows
SQL Server
We have some Field Sups that are only at the office a few days then gone for months at a time. I am needing to assign Local admin rights to their Laptops while they are still logged into the Domain so that they keep the admin rights while out in the Field. I feel very stupid in asking this I should know. But, How do you assign those admin rights. I have created a local user through Computer Management and assigned it rights as admin. But of course he is logging in under his domain account. When he is away he still logs into the domain instead of the local machine because all of his offline files and settings are on that profile. We are running a Windows 03 SBS domain. No group policies. Thank you in advance.

Answer Wiki

Thanks. We'll let you know when a new response is added.

While the laptop is connected to the network, assign that users Domain account to the Local Administrators group….

Discuss This Question: 3  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Cptrelentless
    Or use a group called Field Supps or something on the domain, add that to the local administrators, and add the domain account to field supps. That way you don't have to fiddle with the laptops ever again.
    0 pointsBadges:
  • Goofdru
    Thank you all for your comments. That was a huge help. I knew how to do it I just haven't done it in a long time. Thank you.
    0 pointsBadges:
  • CraigFox
    First Question: What OS is installed on the laptops? Second Question: Do users log on to the laptops, while in the field, as their domain user all the time? Assuming the answers are XP, AD, and domain accounts there are several ways you can solve your problem. 1) add their domain accounts to the local administrators group. This can be done manually or using a GPO with restricted groups. 2) either manually, through the local security policy, or with a GPO set the number of logons allowed before they need to contact a domain controller to something appropriate. The default is 10. Maybe the number should be around 60 if they are gone for several months. Additional notes. 1) the idea of using a group "field SEs" is a good one... do it!! 2) local user accounts are hard to administer and confusing for users. Avoid them if possible. 3) resitricted groups will replace all other entries in the local group so give it some thought first and verify the scope of the GPO before you implement it. Good Luck
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: