Set permissions required by RIS users who use prestaged client computers

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To set permissions required by RIS users who use prestaged client computers

Open Active Directory Users and Computers.
On the View menu, ensure that Advanced Features is checked.
In the console tree, right-click the applicable client computer account.

Where?
- Active Directory Users and Computers/Applicable domain/Applicable organizational unit (such as Computers)/Applicable client computer account
Click Properties.
In the Properties dialog box, click the Security tab, and then click Add.
In the Select Users, Computers or Groups dialog box, type the name of the user or group that will use Remote Installation Services (RIS) to install the prestaged client computer, and then click OK.
Click the user or group you have added.
Under Allow, ensure that Read and Reset password are selected, and then click OK.

Notes

To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.
To open Active Directory Users and Computers, click Start, click Run, type dsa.msc, and then click OK. For information about creating a shortcut so you can easily open Active Directory Users and Computers with runas, see Related Topics.
This topic does not apply to Windows Server 2003, Web Edition.
If you set these permissions for a group, remember to add users to that group.
For client computer accounts that are prestaged in another Active Directory folder location, expand the Active Directory Users and Computer console and select the appropriate client computer accounts.
This procedure pertains to prestaged client computers. For client computers that are not prestaged, the user must be able to create a computer account in the domain. For more information, see Related Topics.

Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.