Dear All , I have here in My Network 2 users as the following :-
User 1- He is Member of the follwoing group in Our Active Directory Domain:- 1. Account Operators. 2. Backup Operators. 3. DNS Admin. 4. Domain Admins. 5. Domain Computers. 6. Domain Users. 7. Enterprise Admin. 8. Group Policy Creator Owner. 9. Remote Desktop Users. 10. Schema Admin. -------------------------------------------------------------------------- User 2- He is a member of the following groups:- 1- Account Operators. 2- Backup Operators. 3- Domain Admins. 4- Domain Users. 5- Enterprise Admin. 6- Remote Desktop Users. 7- Schema Admin. 8- Group Policy Creator. ============================================================================= Now, Both Of them have 2 server speraatly and every one manage his server in Our domain Alone with his user name and Password. the First server is Axapta server & the Second is Normal Intranet server. Both server are member of our domain. we have only 1 domain with single forest with 2 DC. Now, both of them when ever they want to access the Domain Controller By using Terminal Service Or by Login to the domain controller while they are standing of him by his user name & Passowrd instead of the Administrator user name & Password, they are able completely without any Problem. Due to that , we face some Problem with one of them Because he completely did something to the Domain Controller . Now, My Manager asked me to only allow User 2 to access the Domain Controoler by his user name & Password & even By using Terminal service . and he does not want any other Persons to have the chance to login to the domain controller by his user name & Password & Even by using Termianl Service or Remote Desktop Connection.\ Please guide me , what should i do in order to achive this , what should i need to delete ? Thanks & Best Regards, Marwa, List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/