Because of all the new security regulations being pushed on us I need to buckle down on the permissions in our domain. We currently have a userID setup in AD that is used to join the domain automatically in SysPrep on a new image. The password is set to never change (a security risk), but I can live with that if the userID is locked down and can ONLY join computers to the domain. I don't want it to be able to login or do anything else. Is this possible?