Need help with GPO

Discussion in 'Windows Server' started by Rab, Mar 18, 2015.

Tags:
  1. Rab

    Rab MDL Member

    May 18, 2009
    155
    19
    10
    In use my small server as a deployment server, HyperV server and a media streaming server.
    When maintaining WIMs and the deployment environment I use a separate account with special permissions.
    All other accounts for the family, including my every day account, is non admin accounts and put into an OU called Users.

    Now, the account “The Creator” is the deployment account and I want him to become local admin on all computers.
    I want him to not being nagged by UAC and I want him to be able to execute all programs, scripts and commands.
    Turning UAC off is hindering me to run among other things several scripts used by MDT, thus destroying the deployment.
    And as I use this server as much as a learning tool as anything else I still haven’t figured out how to get around this.
    I created a OU called Deploy and put “The Creator” in it and tested several GPO settings for the UAC, so far none have given me the result I need.
    Is there a way to via GPO set “The Creator” to my wishes or do I need to rethink this?

    I really HATE the UAC and its inability to understand that an admin most likely have the right permissions to do the stuff he does. Or at least an understandable way to configure it to behave in the desired way. If this is doable I think a Doctors degree in cryptography is needed to understand the documentation in this regard.


    /Rab
     
  2. Rab

    Rab MDL Member

    May 18, 2009
    155
    19
    10
    That figures...

    Hmmm. Is there a way to "Auto elevate" a specific user to not being botherd with the UAC when it shoud prompt then?
    Like so: Normal user> test.cmd > UAC "Need Admin rights. OK?" to "The Creator" > test.cmd > UAC *oh its The Creator* Sertanly Sir! At Once!" <--- even if its a realy dumb ass idea to run the test.cmd.

    Hopes the idéa i have comes across the translations. If unclear in a major way please ask for clarifications and I'll try to express myself better.

    /Rab