Results 1 to 3 of 3

Thread: Granting Domain Users Local Admin Rights

  1. #1
    Join Date
    Sep 2005

    Granting Domain Users Local Admin Rights

    I have done this before on Windows XP and Windows Server 2003 AD network. What happens if that if a user is set up at a computer then their domain login is added to the local pc with admin rights and then the issues start if the user goes to another computer where they are not been added as a local admin for local admin rights that are required for a some applications to run. So, when I searched for an easier way to do this thing then I got 2 options:
    1. Add the Interactive Users group as to the local admin group
    2. Add the Domain Users group to the local admin group

    So, can anyone tell me what is the difference between these two options and which one should I choose from?

  2. #2
    Join Date
    Nov 2005
    You can use the User Manager for Domains that lets you grant these permissions without visiting each workstation. On the server (or on a workstation with server tools loaded):

    1. Click Start, point to Programs, point to Administrative Tools (Common), and then click User Manager for Domains.
    2. On the User menu bar, click Select Domain.
    3. In the Domain box, type \\ComputerName (where ComputerName is the name of the computer), and then click OK. This starts User Manager for Domains for the computer name you specified.
    4. Double-click Administrators in the list of groups at the bottom of the User Manager for Domains dialog box.
    5. In the Local Groups Properties dialog box, click Add. In the List Names From box (these are the domains in which you can add users from), click the user (or global group) that needs administrative rights, and then click Add. The user name is displayed in the Names box. Click OK.
    6. In the Local Group Policies dialog box, click OK.

    For more information, go to this link -

  3. #3
    Join Date
    Aug 2005

    Re: Granting Domain Users Local Admin Rights

    Try to follow the below method and see if that helps:
    1. First of all you have to make a Domain account called Local Admin
    2. After that you need to add all users to this group
    3. Now you have to manually add the new "local admin" group to the administrators group on each computer.

    Also you can try to use the group policies to do that, just go to Computer >> Preferences >> Control Panel >> Local Users & Groups >> Group >> Administrator and then Add Domain Name\Local Admin. Hope this helps

Similar Threads

  1. adding domain users automatically to the local admin group
    By The Shadow in forum Active Directory
    Replies: 3
    Last Post: 07-06-2011, 11:57 PM
  2. VB development without local admin rights?
    By Bottlenecked in forum Software Development
    Replies: 6
    Last Post: 25-09-2010, 10:02 PM
  3. Granting local admin rights on domain controller
    By Micka in forum Active Directory
    Replies: 5
    Last Post: 04-11-2008, 07:08 PM
  4. domain admin rights
    By Billie in forum Active Directory
    Replies: 4
    Last Post: 21-05-2008, 02:52 AM
  5. local admin rights
    By Leonard in forum Windows Server Help
    Replies: 4
    Last Post: 26-04-2008, 05:55 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts