I'm running an NT Server network and am slowly upgrading my workstations to Win2K Pro. Since I'm unable to take advantage of GPOs in AD, I'm trying instead to create security policy templates locally on several workstations. I need to lock down things like drive visibility, icons on the desktop, etc. I've gone as far as running gpedit.msc and looking through the available options that I can enable.
My question is this. What is the best way to create a local group policy and tie it to certain users on that machine? I want them to be locked out of specific things, but when I log on as Administrator, I don't want to be restricted.
Also, is there a way, once created, that I can export the template I modified on one machine out to other machines on the network so I don't have to go through the same process over again?
I'm familiar with creating GPOs in AD, but have never had to do it locally, so this is unfamiliar to me.