Go Back   TechArena Community > Software > Operating Systems
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Reply
 
Thread Tools Search this Thread
  #1  
Old 05-05-2010
Member
 
Join Date: May 2010
Posts: 2
Exclamation How to make a VPN domain user permanent local admin

Hi there!

[first post]

One of my remote users was a admin and due to a destructive policy he as user is not part of Administrator list anymore.

I created a new policy and made him part of a "laptop-admin" group. This group is part of the Local administrators group in Windows XP.

Perfect as long as my remote user is connected with VPN to our domain.
To make the rights effective he needs to reboot.

After the reboot, the vpn connection is broken, the "laptop-admin" group is only visable as SID-code. So, my user is not a administrator on his local machine.

- how can I make this remote user part of the local administrator group without given my administrator account (domain or local).

I want him a permament admin, connected and offline.

Please advise me.

best regards, Bart
Reply With Quote
  #2  
Old 05-05-2010
Member
 
Join Date: Jan 2010
Posts: 57
Hi,

I hope the username created in the domain for this particular user is a standard user. Firstofall have you joined the laptop to the domain. If no then first please join the laptop to the domain by connecting vpn using a domain admin user & joining the laptop to the domain. or you can join the laptop to the domain using the lan itself provided the laptop is available in the lan.

Once the laptop is joined to the domain. Reebot the laptop & connect again to the vpn using domain admin user. When VPN is connected in laptop, right click my computer, click on manage, click on local users & groups, double click on the group 'administrators' click on add & add the domain user to this group. This will ensure that the domain user on this laptop would be admin but would be a standard user in the domain.

Once the domain user is added to the local administrators group of laptop, login with the username multiple times so as the laptop would cache the user login & would then allow even if the domain is not available when the user is not connected to vpn.
Reply With Quote
  #3  
Old 05-05-2010
Member
 
Join Date: May 2010
Posts: 2
Re: How to make a VPN domain user permanent local admin

- yes the pc is joined in the domain
- so the profile is Domain\username

- I want to fix it with a policy because more computers could need this fix
- policy + gpupdate from client side
- I don't want to do it by hand, (make an administrative login, start vpn, add the user to the admin group, logout)

- The policy works, I have my new groups in the list (containing the users)
- these groups won't work after a disconnect from the network (laptops!!)

Suggestions??
Reply With Quote
Reply

  TechArena Community > Software > Operating Systems
Tags: , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "How to make a VPN domain user permanent local admin"
Thread Thread Starter Forum Replies Last Post
synchronizing domain user Local cached credentials with domain Kishan Windows Security 3 05-09-2011 10:05 PM
Add domain user\group to local admin group problem Landon Active Directory 3 16-10-2009 09:30 PM
How to assign Domain admin credential to User from trusted domain Tom Active Directory 4 15-07-2009 11:29 PM
Granting Domain Users Local Admin Rights Jasonholt Windows Security 2 22-04-2009 10:29 PM
Making a user Local Admin on domain computers Niklas Ramstedt Windows Server Help 1 29-04-2008 02:41 PM


All times are GMT +5.5. The time now is 05:05 PM.