There are essentially 3 methods, Group Policies, Security Templates or subinacl.
They are outlined in http://support.microsoft.com/default.aspx?scid=kb;en-us;288129 ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Caple, Andrew Sent: Sunday, October 10, 2004 9:55 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Setting Security on Services Greeting everyone, I was hoping that you might be able to help me, I'm wanting to assign permissions to our Support Centre Administrators so that they are able to administer the spooler and task scheduler services on some of our severs - without adding them into the local administrators group of each server. We're tried changing the permissions on services.exe and running regmon to see what permission is needed to modify these services (i.e. stopping and restarting the spooler) however still no luck - with out having them in the local admin group. Is anyone able to telling me what else I may need to look at or change? Any direction on this will be greatly appreciated. Regards, Andrew List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
