Security Configuration

Home Forums Security General Security Security Configuration

Viewing 1 post (of 1 total)
  • Author
    Posts

  • gibilix
    Member
    #99425

    Hello.

    I am configuring the security of a WIndows XP desktop which is member of an Active Directory domain.

    We would like to have all users be member of the default Users group and all support personnel (HelpDesk, Deployers, etc…) member of a special group which almost the same rights as Administrators (full installation capabilities), but not member of the Administrators group because we don’t want them to be able to connect to the default c$ share of any desktop.

    I am trying to accomplish this through Security Template, assigning to a group we have defined on the domain, the same settings as the Administrators group and granting them modify rights on c:, %systemroot% and the registry in order to be able to install any application or tool they might need in their supporting activity.

    However I have find out that many application, including Office, do not allow to be installed unless you are actually member of the local Administrators group, which makes my solution not valid.

    Is there any other way to accomplish our goal? I know that we could probably manage the installation of certain applications through group policy, but we are not Domain Admins and we are not allowed to use them at this time.

    Thanks for any suggestion!

    Gibilix

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by:

 
Office 365 Coexistence for Mergers & Acquisitions: Don’t Panic! Make it SimpleLive Webinar on Tuesday, November 16, 2021 @ 1 pm ET

In this session, Microsoft MVPs Steve Goodman and Mike Weaver, and tenant migration expert Rich Dean, will cover the four most common steps toward Office 365 coexistence and explain the simplest route to project success.

  • Directory Sync/GAL Sync – How to prepare for access and awareness
  • Calendar Sharing – How to retrieve a user’s shared calendar, or a room’s free time
  • Email Routing – How to guarantee email is routed to the active mailbox before and after migration
  • Domain Sharing – How to accommodate both original and new SMTP domains at every stage

Aimed at IT Admins, Infrastructure Engineers and Project Managers, this session outlines both technical and project management considerations – giving you a great head start when faced with a tenant migration.the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

Sponsored by: