RE: [ActiveDir] Unlock Workstation User Right

Mon, 28 Feb 2005 08:42:02 -0800 

Sorry, ignore my last post completely - I read that as unlock user right,
not the unlock workstation.

I think Joe is correct - I believe only admins on the machine can unlock
computers.

Regards;

James R. Day
Active Directory Core Team
Office of the Chief Information Officer
National Park Service
(202) 354-1464 (direct)
(202) 371-1549 (fax)
[EMAIL PROTECTED]


|---------+---------------------------------->
|         |           "joe"                  |
|         |           <[EMAIL PROTECTED]> |
|         |           Sent by:               |
|         |           [EMAIL PROTECTED]|
|         |           tivedir.org            |
|         |                                  |
|         |                                  |
|         |           02/28/2005 09:42 AM EST|
|         |           Please respond to      |
|         |           ActiveDir              |
|---------+---------------------------------->
  
>------------------------------------------------------------------------------------------------------------------------------|
  |                                                                             
                                                 |
  |       To:       <ActiveDir@mail.activedir.org>                              
                                                 |
  |       cc:       (bcc: James Day/Contractor/NPS)                             
                                                 |
  |       Subject:  RE: [ActiveDir] Unlock Workstation User Right               
                                                 |
  
>------------------------------------------------------------------------------------------------------------------------------|




If you mean unlock the console of a machine locked by a user, I think you
have to be an administrator on that machine. It doesn't take any domain
level permissions except being an authenticatable user unless the machine
someone wants to unlock is a DC, at which point they have to be an admin of
the DCs.

  joe

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CC/DNA)
Sent: Monday, February 28, 2005 9:31 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Unlock Workstation User Right

Account Operators Local Group I think.  Must us ADU&C, you might have to
grant permissions to the group if inheritance is blocked on some OUâs.

Todd Myrick


From: Tim Foster [mailto:[EMAIL PROTECTED]
Sent: Monday, February 28, 2005 9:08 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Unlock Workstation User Right

I want to grant some users the right to unlock workstations in a W2K3
domain.  I have scanned through Group Policy and I canât seem to find the
appropriate setting to do this.  Is this a right that is automatically
granted to one of the Built-In groups?  If so, which one?  It seems
overkill to have to add users to the Administrators group to get this
right.

Thanks in advance for any help the list can give.

[EMAIL PROTECTED]       šŠV«r¯yÊ&ý§-Š÷4™¨¥iËb½çb®Šà

Reply via email to