CitizenBleys
Programmer
I need to create a group of "stealth admins" that even the domain admins cannot see; Initially, I tried to make an OU containing members of Enterprise Admins and then only allowing users in that OU the read permission, but it still shows up as an "unidentified" object in Active Directory Users and Computers while logged in as one of the regular admins...I need these "stealth admins" to be totally undetectable to the regular admins.
Solution #2 was to create a child domain and put the admin accounts in there. We can disable or try to hide Active Directory Domains and Trusts without raising any red flags, since the regular admins think it's all one domain, so there's no need for that applet...but the problem is, on the login screen, there's a drop down box that includes both the parent and the child domain.
Is there any way to hide this drop-down box (or the Advanced button entirely)? That way the regular admins can enter their username and password, while the stealth admins will have to log in using their UPNs.
The domains are running in Native Mode and all client computers are running Windows 2000 Professional or Server. (Everybody who uses a Server computer as a client is one of the stealth admins, though)
Solution #2 was to create a child domain and put the admin accounts in there. We can disable or try to hide Active Directory Domains and Trusts without raising any red flags, since the regular admins think it's all one domain, so there's no need for that applet...but the problem is, on the login screen, there's a drop down box that includes both the parent and the child domain.
Is there any way to hide this drop-down box (or the Advanced button entirely)? That way the regular admins can enter their username and password, while the stealth admins will have to log in using their UPNs.
The domains are running in Native Mode and all client computers are running Windows 2000 Professional or Server. (Everybody who uses a Server computer as a client is one of the stealth admins, though)
