Security Basics mailing list archives
RE: restricted management for some users.
From: "Chris Goodwin" <chris.goodwin () epicenterprises com>
Date: Thu, 20 May 2004 13:10:33 -0400
Michael, 1- If you have access to Windows & .NET Magazine, an admin in your situation submitted a nice password reset script in the March '04 issue: http:/www.winnemag.com / InstantDoc No. 41551 2- Makes sense to me, maybe someone has a better idea. Chris Goodwin Marketing / Networking Epic Enterprises, Inc. +1-910-692-5750 -----Original Message----- From: Bruyere, Michel [mailto:mbruyere () ezemcanada com] Sent: Thursday, May 20, 2004 9:51 AM To: security-basics () securityfocus com Subject: restricted management for some users. Hi, I've been asked to do 2 things and I wanted to know what you guys think would be the best way. I already have a way to achieve my goal but I'm looking for a better way to do that (if any exist) Here it goes 1- I need to setup a user (the technician) to access the properties of accounts in AD (to reset passwords and/or unlock them). He has to log on locally/interactively on one of the DC (the one with all the FMSO roles). BTW I had something strange when I've set the local policies on the DC to allow the user to logon locally. I had set al admins groups/accounts and this particular account. Few times after I did this, users began to call me telling that they had a message that they couldn't logon interactively. Is there a way to setup "local" policies on the DC to allow a user account to logon locally? 2- I have to give full control over 5 servers to 2 guys, the ERP dev team. They should have the right to install/uninstall anything on the servers. I though to give them an account which is local administrator on those servers. Thanks M.Bruyere Network/systems administrator CompTIA A+, Network+ The quickest way to find something is to start looking for something else. :-) --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- restricted management for some users. Bruyere, Michel (May 20)
- Re: restricted management for some users. Ansgar -59cobalt- Wiechers (May 21)
- RE: restricted management for some users. Chris Goodwin (May 21)
- <Possible follow-ups>
- RE: restricted management for some users. Sullivan, Glenn (May 21)