punker Posted December 29, 2004 Posted December 29, 2004 I have an issue on my network. Currently if a computer goes down or off the network, i have to talk the user through putting in the admin login and password in order to go in and do admin stuff. But once they have the admin login and password the could potentially go to anyones computer and login with it and retrieve other users files. I havent had any problems yet, but now im rolling out XP and i really want to solve this issue. I need the user to be able to login and be able to perfom admin functions, but not have access to other domain users profiles. Any ideas?
tguy Posted December 29, 2004 Posted December 29, 2004 Have you considered adding their network id (domain or AD account) to the local administrator's group?Try that.
punker Posted December 29, 2004 Author Posted December 29, 2004 ya, i thought about that. It wouldnt completely solve the problem but it would minimize it because then the regular user could do admin tasks only on that computer, but would still be able to see other users profiles on that local computer. But still better than seeing users profiles on any computer. Big problem is that they always have full local admin priveleges. Maybe if there is some setting to not allow local admin to read other users profiles, but will let domain admins read them. hrmm.... there must be other net admins out there who run into this problem. Anyone??
10forcash Posted December 30, 2004 Posted December 30, 2004 or use AD to temporarily add their account to the administrators group, then remove it once the problem is resolved-or-use remote desktop to resolve the issues yourself?Cheers,10forcash
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now