I have an AD account that is used to run a script that requires local admin access upon logon. I use an utility called CPAU to do this and that part works. This account is part of domain admins, which have local admin access to all machines, but I dont really want to have this account being a domain admin. Is there a different way of giving it local admin access to all machines without giving it domain admin rights?
I realize this is done at the PC level, and when you join a machine to a domain, the local admin group has domain admins added to it as a member. I could also manually add this particular user as a member. So can this be done to each PC through a GPO perhaps?
I realize this is done at the PC level, and when you join a machine to a domain, the local admin group has domain admins added to it as a member. I could also manually add this particular user as a member. So can this be done to each PC through a GPO perhaps?
Facebook
Twitter