Solved

Creating a  restricted group  - group policy to remove users from local admin group and add to power users group

Posted on 2008-09-29
2
452 Views
Last Modified: 2012-08-13
Hello Everyone,

Most of my users who have xp and vista machines are local admins.  I want to implement a restricted group policy to remove them  from the local admin group and then add him/her to the local power users group.  
Does anyone have any documentation on how to do this?  Also,  Can I do this on a specific OU or group?

Thanks,

Bill
0
Comment
Question by:bjennings
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
NutrientMS earned 500 total points
ID: 22599895
Hi Bill,

i'm not 100% sure how to use group policy to remove users from the local admins group, however to to the Power Users group in Group Policy you go to:

Computer Settings -> Windows Settings -> Security Settings -> Restricted Groups

From here you can set the Power Users group to have the YourDomain\Domain Users group as a member.  We use this to add all of our Domain Users to the Local Administrators group.

As this is a Computer Settings Policy, it needs to be applied to the OU that stores your computers and will apply to all the computers in the group.  If you only want to run it on some computers, you will need to split these out into their own OU and apply the policy to that one only.

Cheers.
0
 

Author Closing Comment

by:bjennings
ID: 31501300
Thanks..Worked Great!!  
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question