+ Post New Thread
Results 1 to 5 of 5
Windows Server 2008 R2 Thread, Setting up extra admin accounts in Technical; At the moment all our team are using the default 'Administrator' account to access the servers, change file permissions and ...
  1. #1

    Join Date
    Jan 2007
    Posts
    968
    Thank Post
    10
    Thanked 35 Times in 27 Posts
    Rep Power
    22

    Setting up extra admin accounts

    At the moment all our team are using the default 'Administrator' account to access the servers, change file permissions and so on.

    My aim is to have individual named admin accounts for each member of the team for proper auditing purposes and so on.

    What I have done is created a 'Admin users' OU and then selected the built in Administrator account and used the 'Copy' function several times to create the new custom admin user accounts. The theory being they would pick up all the same permissions as the Administrator account.

    However, it isn't working properly!

    They can't seem to create user accounts in Active Directory using our custom CSV import script and every time they try to access stuff on the file server they get 'You need permission...presss OK to get permission' which does give them permission but adds an entry for their user account to the ACL which gets a bit messy and they should already have access as 'Domain Admins' have full control to the folders and files and they are in the 'Domain Admins' group!

    Does anyone have any clue what I'm doing wrong? It all seemed so simple!

  2. #2
    Gaz
    Gaz is offline

    Join Date
    Feb 2011
    Location
    Preston
    Posts
    795
    Thank Post
    137
    Thanked 67 Times in 59 Posts
    Rep Power
    20
    I've never done it but I thought it would have been a case of creating a new user and making that user a member of the "Administrators" group under "builtin"
    The same goes for other groups.

  3. #3


    Join Date
    Feb 2007
    Location
    Northamptonshire
    Posts
    4,689
    Thank Post
    352
    Thanked 794 Times in 714 Posts
    Rep Power
    346
    Put them in the "Domain Admins" group.

    (Compare the group memberships between a working and non working one)

  4. #4
    ADMaster's Avatar
    Join Date
    May 2012
    Posts
    326
    Thank Post
    5
    Thanked 33 Times in 28 Posts
    Rep Power
    23
    also look at the file / folder permissions. If the permissions are set to allow the administrator vs Administrators or Domain Admins, you will get this.

    Change the file / folder permissions to reflect the group and not the user.

    For AD as long as they are in the domain admins group they should be able to do anything. You could also look at the delegation of control wizard to assign specific roles to them without making them a domain admin.

  5. #5
    noxigen's Avatar
    Join Date
    May 2013
    Location
    Nashville, TN USA
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I know this is an old thread, but please don't just put a large group of people in "Domain Admins". Create a domain security group, put those people in it and then add that group to the local administrators group on each server that they need to manage. Even then, only if they really need full admin rights on those servers.

SHARE:
+ Post New Thread

Similar Threads

  1. Setting up home wireless network with MAC and PC..?
    By tosca925 in forum General Chat
    Replies: 6
    Last Post: 21st November 2011, 04:39 PM
  2. local admin account re-set remotely BULK
    By Gavinc in forum Windows
    Replies: 11
    Last Post: 18th December 2008, 08:32 PM
  3. Setting up remote access to staff user accounts
    By firefox_2006 in forum How do you do....it?
    Replies: 9
    Last Post: 19th May 2008, 12:30 PM
  4. Replies: 3
    Last Post: 19th January 2007, 11:06 AM
  5. Setting Up A Users Account ... Help Wanted Please...
    By tickmike in forum How do you do....it?
    Replies: 18
    Last Post: 8th September 2006, 08:50 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •