TECHNOLOGY TRENDS

In a default small business server 2003 installation, groups and users assignments are setup in ?default? mode that can cause catastrophic problems if handled incorrectly. The perfect way to deal with this is to change all of the default groups and assignments and begin with your customized groups and security.

Usually, small business server 2003 is setup with a few groups for security based on a small business environment. The administrator of server, by default, is made a member of the domain powers users? security group. The domain power users? security group is nested another group known as Remote Operators. SBS Remote Operators are defined by local and domain group policy to refuse logon locally. Try to log in to the console, and you will get information that your server administrator has denied your access to log in interactively to the server.

The solution is to eliminate the administrator from small business server remote operators group and domain power users groups as well. The administrator requires being in the domain and enterprise administrators. The other thing, surf to group policy locally and on domain policy and ensure that deny logon locally is disabled.

Accidentally assigning the administrator to either remote desktop groups or domain power users will cause major issues. If administrator can?t log on local server, then services will not begin and reinstallation will be imminent. By default, the administrator has remote desktop authority, so not further setup is required.

4 Responses to “Business Server 2003 Services”