Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Users Can't install applications on their local machines 2
- Thread starter ITONSITE
- Start date
-
1
- #2
mattjurado
MIS
You just got it. Most softwares require local administrative rights. You can try adding them to the power users groups, but the reality is, in most cases, the administrators group is required.
Login as local administrator on a machine, go to start>settings>control panel>administrative tools>computer management.
Go to groups, open the administrators, from here, click the add button, and change the look in to the domain, give the domain admin name and password, and add the corresponding domain user account, or domain user groups that need local administrative rights to that computer.
Matt J.
Login as local administrator on a machine, go to start>settings>control panel>administrative tools>computer management.
Go to groups, open the administrators, from here, click the add button, and change the look in to the domain, give the domain admin name and password, and add the corresponding domain user account, or domain user groups that need local administrative rights to that computer.
Matt J.
-
1
- #3
mattjurado has it right on. Also... if you have many users on your network and want to push out a software application quickly, you may want to set up a software distribution group policy via Computer Configuration Policies and either Assign or Publish the software to the users on your network.
Assigning application to users->Application appears on the user's Start menu regardless of which computer they log on to
Assigning applications to computers->Application install the next time the computer is started regardless of who is logged on.
Publishing applications-> Application must be installed manually using Add/Remove Programs
Assigning application to users->Application appears on the user's Start menu regardless of which computer they log on to
Assigning applications to computers->Application install the next time the computer is started regardless of who is logged on.
Publishing applications-> Application must be installed manually using Add/Remove Programs
- Thread starter
- #4
Thanks to both of you. I tried to add to the power user group as sugested and navigated to domain username from local machine while I was logged in as administrator. When I clicked the "Add" button i got an error saying the domain was not available. But the machine can see the domain and can see the domain users. any idea why i am getting this error??
1inNetworking
Technical User
That computer is not the member of the domain. Or Preferred DNS server entry is incorrect.
I have the exact opposite problem, My users can install programs..and I dont want them too!
I think I have made them members of the local admin group on the workstation, (Which is needed) but I dont want them to install software...Help is greatly appreciated, (Sorry to interupt, I think the problem may be the same)
thanks
I think I have made them members of the local admin group on the workstation, (Which is needed) but I dont want them to install software...Help is greatly appreciated, (Sorry to interupt, I think the problem may be the same)
thanks
mattjurado
MIS
If you still cannot browse the domain, but everything seems okay, try it from the command prompt, this has worked for me a couple times...
net localgroup %localgroupname% /add %domainname%\%domainusername%
localgroupname would be administrators in your case
domainname would be your domain name
domainusername would be the domain user account to have admin rights on that workstation
Matt J.
net localgroup %localgroupname% /add %domainname%\%domainusername%
localgroupname would be administrators in your case
domainname would be your domain name
domainusername would be the domain user account to have admin rights on that workstation
Matt J.
- Thread starter
- #8
Thank you very much for the help. when I log in on the local computer I login as administrator in the "Vancover" domain and I am allowed to log in to the domain. I can view the users on the pdc and must use a user name and password that in in the pdc. With all that in mind I believe the computer is part of the domain. I only created 19 users with no groups or computer names. This was supposed to be a simple pdc to manage passwords. Even when I select the "Poweruser" group and then click the down arrow to view the domain users and can select the user. It just says the domain can not be contacted. How can this be when I can browse the pdc and it list of users from the same workstation??
Thank's again for your help.
Thank's again for your help.
mattjurado
MIS
I know, its a random bug, doesn't always happen. Did you try the command I typed?
Matt J.
Matt J.
- Thread starter
- #10
I will try it tomorrow. is the format the same as far as the "net localgroup %administrators% /add %vancouver%\%powerusers% " does this look right? I am trying to get them in the "powerusers" group so they can add software.
mattjurado
MIS
Type
net localgroup administrators /add vancouver\"power users"
Type the quotes I put, but not the percent signs. I used those to indicate variables.
Matt J.
net localgroup administrators /add vancouver\"power users"
Type the quotes I put, but not the percent signs. I used those to indicate variables.
Matt J.
If I have users in the local administrators group, and I wish to prevent them from installing programs, I have to move them into restricted users , yes?
Will this effect any settings or programs already installed?
Can I make this change to the users from the DC?
Thanks
Will this effect any settings or programs already installed?
Can I make this change to the users from the DC?
Thanks
- Thread starter
- #13
Hello again!!
Well here is what happened:
I typed: c:\net localgroup administrators /add vancouver/"powerusers"
I got the following error:
The syntax of this command is:
Net localgroup [groupname [/comment:"text"]] [/domain]
groupname{/add [/comment:"text"] : /delete} [/domain]
groupname name [...]{/add : /delete} [/domain]
It told me to type "net helpmsg 3506"
Which I did....... it then told me:.....
The option *** is unknown
Explanation, the specified option is invalid.
Action: check the spelling of the option you typed.
Any ideas?
Thanks again for your time.
Well here is what happened:
I typed: c:\net localgroup administrators /add vancouver/"powerusers"
I got the following error:
The syntax of this command is:
Net localgroup [groupname [/comment:"text"]] [/domain]
groupname{/add [/comment:"text"] : /delete} [/domain]
groupname name [...]{/add : /delete} [/domain]
It told me to type "net helpmsg 3506"
Which I did....... it then told me:.....
The option *** is unknown
Explanation, the specified option is invalid.
Action: check the spelling of the option you typed.
Any ideas?
Thanks again for your time.
mattjurado
MIS
Maybe you missed a space in "power users" Power and users should be separate.
Matt J.
Matt J.
MountainNetworks
IS-IT--Management
- Apr 24, 2003
- 74
- 0
- 0
I've experienced the same behavior as ITONSITE from my workstations. I haven't tried the command line yet. Will do that on monday.
But why would my Windows 98 machines be getting the same login and password prompt when they try to add things like a printer to their workstations? Windows 98 doesn't have the same concept of "Administrative" login privleges. It's basically a single user OS.
I'm leaning towards a corruption of the Group Policy database. I'm not entirely pleased with microsoft's fix for this. There is a liklihood that fixing one problem will break the entire server (blue screen) and cause me hours and hours of troubleshooting and repair.
See Microsoft's Q278316
But why would my Windows 98 machines be getting the same login and password prompt when they try to add things like a printer to their workstations? Windows 98 doesn't have the same concept of "Administrative" login privleges. It's basically a single user OS.
I'm leaning towards a corruption of the Group Policy database. I'm not entirely pleased with microsoft's fix for this. There is a liklihood that fixing one problem will break the entire server (blue screen) and cause me hours and hours of troubleshooting and repair.
See Microsoft's Q278316
- Thread starter
- #16
- Thread starter
- #18
Hello again!!
I am getting an error that says "specified user does not exist".
I also noticed i do not have a group called "power users" on my Domain controller. I only have a "power User" group on my local machine.
I am getting an error that says "specified user does not exist".
I also noticed i do not have a group called "power users" on my Domain controller. I only have a "power User" group on my local machine.
- Thread starter
- #19
actually let me update that....
I found the power user group when I went to the "computer" folder in the domain users and groups. I am not sure how the computer name got there as I did not add it. Since it was there I made it a part of the "power user" group and I still can not install software on that machine.
any ideas??
I found the power user group when I went to the "computer" folder in the domain users and groups. I am not sure how the computer name got there as I did not add it. Since it was there I made it a part of the "power user" group and I still can not install software on that machine.
any ideas??
- Status
Similar threads
- Locked
- Question
- Locked
- Question