How can you setup a group say "templocaladmin" that grants a user admin access to the computer they are logging into while logging into the domain not logging in locally on the computer?
So I have a user who has no right to install programs. I need to install a program with them logged into the domain so I add them to the group templocaladmin, have them logoff and logon and install then remove them and have logoff and on again.
I just can't seem to figure out what group(s) to add to templocaladmin to give the necessary rights.
This is probably painfully obvious to some but I have been studying way to much this week and I thinnk I have reached the point of diminishing returns.