Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Search Search
Search for:
Tech Support Guy > > >

local admin group management


(!)

Lico's Avatar
Lico Lico is offline
Member with 1 posts.
THREAD STARTER
 
Join Date: Jul 2012
11-Jul-2012, 07:48 AM #1
local admin group management
Hi guys,
Iíve a question regarding local admin group management.
Suppose a user is responsible for managing some application installed on a server. The user doesnít normally need to change server configuration like IP address, time settings and so (i.e. privileges).
For Microsoft applications like SharePoint or for servers like IIS I can use the preconfigured groups. But suppose weíre talking about some third party application and I canít know for sure what kind of access the user need.
Maybe the user need to install something and thus require modify permission to some files also the installation may need to change some registry values and configure services.
For example, one of the application owners in my organization needs to connect some constructor to perform some maintenance on a server. Of course I can limit his access but what if he need perform installation of software or change some registry? In any case the application owner will have to find some system administrator to connect him with the needed level of access.
So as we can see I need to find a way to combine permissions and privileges.
My question is what is the correct approach in this situation?

1. Are there any best practices or guide lines for this issue? Iíve searched many forums but wasnít able find some clear approach and best practices.
2. Is it acceptable to give application owner or developers local admin permissions? Maybe itís the way to go and Iím wasting my time here.
3. What is the common way to deal with this situation? Is it acceptable to give a user local admin rights or should an IT person connect the user with elevated permissions when required?
Any information or reference to information in this matter will be really appreciated.

Thanks
lunarlander's Avatar
Computer Specs
Member with 5,556 posts.
 
Join Date: Sep 2007
11-Jul-2012, 05:49 PM #2
A developer would only have admni rights to a test server in a test network where he can try out his application. Then when the application is ready, he writes the procedures down and hand it over to the IT admin who handle all administration of the application on the live serer.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
local admins, windows server

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑