+ Reply to Thread
Page 2 of 2 First 12
Results 26 to 27 of 27
  1. Self-Described Huguenot blargoe's Avatar
    Join Date
    Nov 2005
    Location
    NC
    Posts
    4,098

    Certifications
    VCAP5-DCA; VCP 3/4/5/6 (DCV); EMCSA:CLARiiON; Linux+; MCSE:M 2000/2003; MCSE:S 2000/2003; MCTS:Exch2007; Security+; A+; CCNA (expired)
    #26
    Why would you want to have another global group that gives someone rights to every remote desktop in the domain? Being a domain admin gives you this right.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Jun 2006
    Location
    Tampa Bay
    Posts
    1,266

    Certifications
    MCSA 2000, MCSE 2003, Exchange 2000, CCNA, CCNA Security, CNE, A+, Network+, Security+
    #27
    You can put any user in a member domain in a local group of a machine that is also a member of the domain (or trusts the domain the user is in), as well as a global group. That's actually best practice.

    What you can't do is put a local user in machine A into the local group of machine B, though you can duplicate the user in machine B and hope for pass-thru authentication to work. But a DC does not have any local users, they are all domain user accounts and can be placed into any local group of any member machine.
    Remember the UsGGLR rule.
    Reply With Quote Quote  

+ Reply to Thread
Page 2 of 2 First 12

Social Networking & Bookmarks