Domain User with Administrative privilage on the logon computer restrict to remove logon computer from domain RRS feed

  • Question

  • Thank you for reading the thread.

    Please help me to achieve the following.

    Scenario: NYDM (Domain Controller), NYW1 (Workstation 1) and NYUSER ,NYADMIN

    NYW1 is a part of the NYDM. NYUSER logs in  to the NYW1 PC. The NYUSER has administrative privilage on the NYW1.

    I would like to restrict the NYUSER to remove the computer from the domain or join a workgroup etc. Only NYADMIN can remove NYW1 from domain or join another domain or workgroup. 

    The above scenario is for one NYW1 (workstation) the network will have nth number of PC in domain and users except the admin no one should be able to change the same.



    Thursday, March 1, 2012 5:18 AM

All replies