+1 Add the user's domain account to the local security policy. Administrative Tools --> Local Security Policy --> Security Settings --> local Policies --> User Rights Assignment --> "Shut down the system" (see screen shot below).
Better yet, possibly, depending on your security & administrative needs, create a global security group @ the domain level called something like "allowed to shut down servers", add your user to this group, and then add the new global security group to the local security policy of the server(s), so that you can administer the group rights at the domain level (it makes it a little bit more difficult to forget that the policy is there, if you administer AD much at all.) Take it a step further, you can create an OU at the domain level and link the domain GPO to the OU, then add the server computer accounts to the OU (OU might have to nest the OU in order to get the desired policy application depending on what other policies you have in place for the affected servers)... doing this means you have no additional management overhead at the local server level, as it can ALL be administered from AD without ever touching the server. [cid:[email protected]] Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians & Associates, PA [email protected]<BLOCKED::mailto:%[email protected]> www.eaglemds.com<BLOCKED::http://www.eaglemds.com/> ________________________________ From: Free, Bob [mailto:[email protected]] Sent: Friday, November 12, 2010 11:51 AM To: NT System Admin Issues Subject: RE: Remote reboot W2K via remote PSSHUTDOWN Did you grant them the user right to shutdown the system? From: David Lum [mailto:[email protected]] Sent: Friday, November 12, 2010 8:42 AM To: NT System Admin Issues Subject: Remote reboot W2K via remote PSSHUTDOWN Is there a way to give someone permissions to reboot a Win2K pro system without them being a local admin? I want them to run a PSSHUTDOWN script remotely but they get access denied unless they're admin. Is there any reg hack I can do hokus pokus with? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ________________________________ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<inline: image001.jpg>>
