I am new to security and trying to figure how I can secure Windows environment. I have doubt, I look at diffrent books and web blogs but still not able to clear it. My problem is ” on domain controller we have built in group called Print manager and on member servers there is also one group called Print manager. What I understand is that print manager on domain controller can install / uninstall and log on locally on DC whereas print manager on member server can log on locally and install/uninstall printers on member server.Am I right here? Another thing is every one group. Should we have to make domain everyone group member of local builtin everyone group? I read that domain everyone group can be made member of builtin group everyone member so they will be able to run legacy application. So which thing is right? Is it ok to make domain everyone member of local server buitin everyone group or power users group.
Another thing I noticed that I was not able to make domain group print operator member of local server builtin print operator group. Though I can make it member of other group. Is it any reason behind it ? any one here would be able to explain this drama of local and domain users grou?
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.