Adding regular users as administrators to a device using a group provides more security than simply adding users to the domain admins group. Utilizing the domain users group allows user accounts to be added more quickly and is efficient as nothing needs to be done when new user accounts are created or old ones are removed. By adding the domain users group, only the user accounts in Active Directory need to be managed while the permissions on the local machines remain intact.
Adding Regular Users as Admins to a Device Using a Group
- Search for "Computer" and select "Computer Management".
- Click on "Local Users and Groups" to expand this category.
- Click on the "Groups" folder.
- Double-click on the "Administrators" group listed in the right panel.
- In the Administrator Properties popup, click the "Add..." button at the bottom to add the domain users group.
- Type "domain users" in the object names box and click the "Check Names" box to verify and add the domain users group.
- Click "OK" at the Select Users box to close it and the domain users group is now added to the Administrators group on that device.
- Click "OK" to close the Administrator Properties box.
- Close Computer Management.