Give Local Admin privileges to AD user group for group of computer

windows-server-2008 active-directory

Solution 1:

Yes, you're after Restricted Groups.

  1. Create a new GPO for the OU of your workstations.
  2. Computer Configuration -> Windows Settings -> Restricted Groups
  3. Right click, Add Group
  4. Choose your group for users who are going to be local workstation admins
  5. This group is a member of -> Add, and enter Administrators

Exit out of the GPO, and run gpupdate /force on the workstations to pick up the new GPO. Check in the local users/groups to see if your admins group is in the local administrators group.

See here for more pics: http://myitforum.com/cs2/blogs/rdixon/archive/2008/06/17/how-to-add-domain-accounts-to-local-administrators-group-using-gpo.aspx

Related

Best way to deploy ubuntu onto 100s of laptops?
Should / Can I use DNS Records to list "Private Hosts in Private LANs"?
When using vim with screen the keys ctrl + right and ctrl + left don't work
Where does filezilla server store its users data?
How do I monitor memcached evictions?
Postfix server configuration values explained?
How to take snapshot of non virtual server and restore it in VM?
How do I generate a response file to be used with apt-get or aptitude?
List top 404 URLs in Apache access_log [closed]
Linux equivalent for Windows shadow copies
Run both sshd and httpd SSL on port 443 [closed]
Disk2VHD and Hyper-V