Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Server Administration: Local Admin vs Domain Admin 1

Status
Not open for further replies.
watergapnomad

watergapnomad

MIS
Jul 9, 2007
11
US
When administering a server (let's say a file server), is it best practice to do so via the server's local administer account, or with an account that has domain admin privileges?

I'm trying to figure out if there is a reason to use one over the other, or if they can be used interchangeably. For instance, when setting up shared folders on a file server, should this be done with the server's local admin account or as a domain admin?

Thanks
 
Sort by date Sort by votes
You should use a domain admin account so that you have access to ADUC to assign rights.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!
 
Upvote 0 Downvote
Thanks for the info.

But back to my example of setting up network shares on a file server, is it best to do this with the server's local admin account or logged in as a domain admin?
 
Upvote 0 Downvote
Um, I answered your question...you need to use a domain admin account. What part of that confused you?

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!
 
Upvote 0 Downvote
If you want to create a network share, it needs to be available to users on the network. Therefore you need to access Active Directory to pick up the groups to share the network share to.

This means you need to use a domain admin account, not a local one.

This is what Dave was saying.
 
Upvote 0 Downvote
Um, I answered your question...you need to use a domain admin account. What part of that confused you? "

Sorry, I was still waking up - brain hiccup.

Zelandakh - thanks for clearing that up for me.
 
Upvote 0 Downvote
...hate when that happens... ;-)

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!
 
Upvote 0 Downvote
OK, so if I go ahead and create shares using a domain admin account, does that account then have ownership of the share (and all subfolders) by default? Would the local admin account also have ownership?
 
Upvote 0 Downvote
If you're working on a domain, then ignore any local accounts and use only domain accounts.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!
 
Upvote 0 Downvote
OK, one more question. :D

We recently created a new domain for our company. We still have the old domain running, but it will be done away with for good in the next couple of months.

At that time, when I am only using the domain admin account for the new domain, will I need to have this account take ownership of all of the shares that had originally been setup using the old domain admin account?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
207
ADB100
ADB100
MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
389
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
471
Aquiles Vidal
Aquiles Vidal
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
742
goombawaho
goombawaho
goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
698
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top