locked
First user login to be local administrator RRS feed

  • Question

  • Hi,

    I would like to distribute windows 7 image to helpdesk. I want to add some script/tool to the image to add the first user -who login after deploying image- to the local administrators group.

    Considering that:

    - The users do not have any domain administration privileges

    - Any login after that, users won't be added to local administrator group. The scrip runs once for the fist user.

    Is it that possible?

    Sunday, July 15, 2012 5:28 AM

Answers

  • NOt possible. Only an administrator can add to teh group.  If the first user is not an admiistrator then they cannot add themselves to the group.

    No normal user should ever be allowed to run as an administrator.  Even the defined user of a system should always run as a limited user.

    Please read the Microsoft documentation on this principle: http://technet.microsoft.com/en-us/library/bb456992.aspx


    ¯\_(ツ)_/¯

    • Proposed as answer by Richard MuellerMVP Sunday, July 15, 2012 4:12 PM
    • Marked as answer by IamMred Tuesday, July 17, 2012 9:13 PM
    Sunday, July 15, 2012 6:29 AM

All replies

  • NOt possible. Only an administrator can add to teh group.  If the first user is not an admiistrator then they cannot add themselves to the group.

    No normal user should ever be allowed to run as an administrator.  Even the defined user of a system should always run as a limited user.

    Please read the Microsoft documentation on this principle: http://technet.microsoft.com/en-us/library/bb456992.aspx


    ¯\_(ツ)_/¯

    • Proposed as answer by Richard MuellerMVP Sunday, July 15, 2012 4:12 PM
    • Marked as answer by IamMred Tuesday, July 17, 2012 9:13 PM
    Sunday, July 15, 2012 6:29 AM
  • This is a request to add a security hole as a feature...

    Bill

    Monday, July 16, 2012 2:30 PM