How to Make a Domain User the Local Administrator for all PCs
Step 1 : Creating a Security
Group
First
you need to create a security group called Local Admin
- Log onto a Domain Controller,
open Active Directory Users and Computers (dsa.msc)
- Create a security Group name
it Local Admin. From Menu Select Action |
New | Group
- Name the group as Local
Admin.
- Add the Help Desk members
to Local Admin group. I will add two users say Tom and
Bob.
Step 2: Create Group Policy.
Next
you need to create a group policy called “Local Admin GPO”
- Open Group Policy Management
Console ( gpmc.msc )
- Right click on Group
Policy Objects and select New.
- Type the name of the policy
"Local Admin GPO"
Step 3: Configure the policy to add the “Local Admin” group as
Administrators
Here
you will add the Local Admin group to the Local Admin GPO policy and put them in the groups
you wish them to use.
- Right click “Local Admin GPO”
Policy then select Edit.
- Expand Computer
configuration\Policies\Windows Settings\Security Settings\Restricted
Groups
- In the Left pane on Restricted Groups, Right
Click and select “Add Group“
- In the Add Group dialog
box, select browse and type Local Admin and
then click“Check Names“
- Click OK twice to close the
dialog box.
- Click Add under “This group is
a member of:”
- Add the “Administrators”
Group.
- Add “Remote Desktop
Users”
- Click OK twice
NOTE# When adding groups, you can add whatever
you want, the GPO will match the group on the system, if you type “Admins”
it will match a local group called Admins if it exists and put “Local Admin” in
that group.
Step
4: Linking GPO
- In Group policy management
console, right click on the domain or the OU and select Link
an Existing GPO
- Select the Local Admin
GPO
Step
5: Testing GPOs
Log
on to a PC which is join to the domain and then run gpupdate /force and
check the local administrators group. You should see Local Admin in that group now. Make sure all PCs
you want to access should be move to an OU and properly link above
GPO. Tom and Bob domain users can now access all PCs remotely as a local
administrator.
Related Articles
Adding VM in the Citrix Delivery Controller and Assigning User
Adding VM in the Citrix Delivery Controller and Assigning User First of all VM should be joined on domain and have updated VDA agent installed. On Delivery Controller, Go to Citrix Studio. Firstly, Machine Catalogue needs to be created for respective ...
dinManage User Guide V1.5
Attached PDF will give you detailed overview about dinManage User Guide V1.5
Can I map local drives to dinHVD?
Can I map local drives to dinHVD? Solution/Answer : Yes, You can map your local drives to dinHVD. To do this go to WebAccess properties in Connection Broker. Go to local resources Select "More" and Check "Disk Drives" to select all drives or if you ...
Can I assign more than one dinDaas to a user?
Can I assign more than one dinDaas to a user? Yes. You can assign yourself multiple dinDaas. Simply, assign the email of the user to all the dinDaas. The login page will show all the assigned dinDaas. Each dinDaas can be accessed with the same ...
Disabling the Local printer in Citrix HVD ICA Session
How to Disable the Local printer in Citrix HVD’s Enable the following policy to Disable the Local printer in Citrix HVD’s. To enable the policy, go to Citrix Studio, click on Policies>Create Policy, search for Auto-create client printers and click ...