|
Posted by Roger Abell on June 22, 2005, 7:11 am
Please log in for more thread options
In order to log in it is likely just as Slav stated, which could be
fixed by adding the account in a GPO liked to the Domain Controllers
OU to the Security Policy to Log on locally.
However, that lets them into your SBS server, at which point they
could still tromp about more than you might wish (shared data, etc.).
Also, that may be insufficient for them to do their work updating
and troubleshooting their application. Membership in the group
Administrators would let them in and let them work but would
keep them from going off box to other machines in your environ
(at least keep them from accesses not granted to Domain Users).
--
Roger Abell
Microsoft MVP (Windows Security)
> Greetings,
>
> I recently upgraded to SBS 2003std, and am needing to allow a vendor
remote
> access to the server to do some software updates on their program. I had
no
> problem setting up the user, adding them to the Mobile Users group, and
> connecting to the Remote Web Workplace. Unfortunately, at this point, the
> user has no access to server, and thus, is unable to upload program
updates
> and troubleshoot problems.
>
> In researching this a bit, it appears that I have to grant the user Domain
> Admin privledges. Is this correct? I'm a bit concerned, in that this
person
> will then have full access to the server. Is there a more secure way to
> allow this remote user upload/file access to the server, or is this my
only
> option?
>
> Thanks in advance for your advice and feedback.
> --
> Thanks,
> MarkW
| 
XML Sitemap