Re: Group Policy and user level access
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Thu, 19 Apr 2007 08:16:48 -0700
Application compatibility issues are many, but much can be
resolved by granting to the Users group either in the filesystem
or the registry where the incompatible application is attempting
to make changes (yes, Office 2000 was incompatible with XP
guidelines for well-behaved applications).
Attempting to restict an admin account from the exercise of
admin capabilities is an exercise in futility. They will, given
determination and a little skill or time googling, walk around
any restriction you might think you have put in place.
You should post to the windowsxp.security_admin newsgroup
for some guidance on shifting your users to being limited Users.
Roger
"Falcon1" <Falcon1@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A8B0CD29-813E-4509-88CA-97AD85252E88@xxxxxxxxxxxxxxxx
Hi,
We are running Windows XP Pro and 2000 Pro on our computers. I'm in the
process of learning Group Policies and how to create, manage, deploy and
troubleshoot them (AD is still on 2000 Server based)
My 2x questions are:
How come when I remove the local Administrator rights to a user and leave
him on a basic user level access we run into all kinds of software issues
that we do not have if the user is part of the admin group. Such as
Outlook
printing issues that can't create documents in Temp folders and so many
other
sotwares having all kind of hickup behaviors?
My second question is it possible to leave my users in the local admin
groups but with group policy deny them the rights to install or remove any
applications? If so how?
Any help will be greatly appreciated since I'm kind of in a nightmare in
troubleshooting and administering all of what goes on the users computers
Thank you
Gabriel
.
- Prev by Date: Re: Encryption
- Next by Date: Re: Encryption
- Previous by thread: Re: Windows 2000 dos command
- Next by thread: Re: Group Policy and user level access
- Index(es):
Relevant Pages
|
|
