Posted on 2005-03-09
I have got many 3rd party apps running on our system which need updates and deployments to our client machines.
I have recently removed the local user account of the local machine so that the users cannot install, remove or change any settings on there pc's which is working great.
But, this has created many problems with regard to updates, installs to the clients via login scripts and so on.
If i recreate the local account on the local machine giving the user admin rights to his pc so that when the login scripts process it will have the rights to install, config or update. Will i still be able to not allow the user to install or change any settings?
Most of those settings come from our domain policy. If i creat the local acount for that user on his/her pc with admin rights to that machine will it override the domain policy?
What can I do?
I dont want the user to be able to fiddle, change, remove or install anything onto there machines.
Another problem is, with there being no local account on the local machine certain apps will not run correctly unless i grant that user admin rights and in some cases. I even tried giving them power user rights which will not work iether.
typically, the user which i dont want to fiddle around is the one who needs admin rights to his pc in order for his apps to work correctly.