Re: Domain users members of local administrator

David Wang [Msft] wrote:
Let me clarify my point:

My setup allows the technically proficient to run as a secured,
normal user but still easily do all the advanced things with little
trouble
For the non-technical users, you simply remove the RUNAS and admin
command prompt and it should work. Why?

Because most non-technical users do a fixed (not as technical and
dynamically changing) set of actions on the computer. Once you have
that all set up, they simply do not need to run as administrator.

For example, when XPSP2 came out, I reinstalled my family's various
PCs with XPRTM + XPSP2 patch, then I had them declare and install any
apps they depend on, after which I silently moved their login
accounts out of Administrators, setup Windows update to auto-update,
locked up their local administrator account to a password only I
know, and they haven't come back with viruses, malware, spyware, nor
complain that they can't do what they want.

I think that's the way things should be even as it scales larger.



From an enterprise perspective that's acceptable. From a small business
perspective it's not. Try running some popular small business accounting
packages or contact management packages as a regular user. I would love to
be able to set up customers as regular users rather than admins but with XP
it only generates ill will from my customers and they start calling someone
else. I am looking forward to Vista.

Kerry


.

Relevant Pages

  • Re: Newbie question about setting up XP - coming from win98se background
    ... >(accounts with the .xxxx trail in name) but there may be others. ... Management/Local Users, it's showing the "hidden" Administrator acct, ... the Guest acct, the Niteowl, Kalehli, and Maurine accts. ... It seems like I named it during setup... ...
    (microsoft.public.windowsxp.basics)
  • Re: i cant get into my administrative account
    ... All accounts created during initial setup are given administrator status by ... safety deserve neither liberty nor safety. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Windows XP lockout
    ... box put "Administrator" and the second box put in the "Administrator ... password" given during setup or leave it blank if none was supplied. ... > I have windows xp with the security policy installed. ... but the area were the accounts appear is blank. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: How to hide Control Panel, or tools in Control Panel
    ... My home Windows XP computer has several accounts I ... customize to hide Control Panel in my children ... I know I can have gpedit.msc to set it up, but it looks like this setup ... I am an administrator. ...
    (microsoft.public.windows.group_policy)
  • Re: Exchange 2007 on new Win2008x64 Hyper-v wont install...
    ... Are you running SETUP from your install media/source 'As Administrator'? ... Doesn't seem exchange team included ... Just open the source media folder, right click on SETUP and choose 'Run As ...
    (microsoft.public.exchange.setup)