M
Michel B.
Hi,
I've been asked to do 2 things and I wanted to know what you guys think
would be the best way. I already have a way to achieve my goal but I'm
looking for a better way to do that (if any exist)
Here it goes
1- I need to setup a user (the technician) to access the properties of
accounts in AD (to reset passwords and/or unlock them). He has to log on
locally/interactively on one of the DC (the one with all the FMSO roles).
BTW I had something strange when I've set the local policies on the DC to
allow the user to logon locally. I had set al admins groups/accounts and
this particular account. Few times after I did this, users began to call me
telling that they had a message that they couldn't logon interactively. Is
there a way to setup "local" policies on the DC to allow a user account to
logon locally?
2- I have to give full control over 5 servers to 2 guys, the ERP dev team.
They should have the right to install/uninstall anything on the servers. I
though to give them an account which is local administrator on those
servers.
Thanks
M.Bruyere
I've been asked to do 2 things and I wanted to know what you guys think
would be the best way. I already have a way to achieve my goal but I'm
looking for a better way to do that (if any exist)
Here it goes
1- I need to setup a user (the technician) to access the properties of
accounts in AD (to reset passwords and/or unlock them). He has to log on
locally/interactively on one of the DC (the one with all the FMSO roles).
BTW I had something strange when I've set the local policies on the DC to
allow the user to logon locally. I had set al admins groups/accounts and
this particular account. Few times after I did this, users began to call me
telling that they had a message that they couldn't logon interactively. Is
there a way to setup "local" policies on the DC to allow a user account to
logon locally?
2- I have to give full control over 5 servers to 2 guys, the ERP dev team.
They should have the right to install/uninstall anything on the servers. I
though to give them an account which is local administrator on those
servers.
Thanks
M.Bruyere