local admin group management
Hi guys, Ive a question regarding local admin group management. Suppose a user is responsible for managing some application installed on a server. The user doesnt normally need to change server configuration like IP address, time settings and so (i.e. privileges). For Microsoft applications like SharePoint or for servers like IIS I can use the preconfigured groups. But suppose were talking about some third party application and I cant know for sure what kind of access the user need. Maybe the user need to install something and thus require modify permission to some files also the installation may need to change some registry values and configure services. For example, one of the application owners in my organization needs to connect some constructor to perform some maintenance on a server. Of course I can limit his access but what if he need perform installation of software or change some registry? In any case the application owner will have to find some system administrator to connect him with the needed level of access. So as we can see I need to find a way to combine permissions and privileges. My question is what is the correct approach in this situation? Are there any best practices or guide lines for this issue? Ive searched many forums but wasnt able find some clear approach and best practices.Is it acceptable to give application owner or developers local admin permissions? Maybe its the way to go and Im wasting my time here.What is the common way to deal with this situation? Is it acceptable to give a user local admin rights or should an IT person connect the user with elevated permissions when required? Any information or reference to information in this matter will be really appreciated. Thanks
July 11th, 2012 7:32am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics