<div>
Is this part of a domain? If so you can use OU's and group management to get this done. &nbsp;Just apply the policy on the user OU and not the Administrator OU.<br />
<br />
I don't believe you can exclude groups from the local GPO in a non-domain situation.
</div>


<div>
No they are stand alone Windows XP Professional PCs
</div>


<div>
You may need to look for a work around to whatever it is you are doing. &nbsp;There is simply the Local GPO, and to my knowledge there isn't a way of creating multiple local GPO's that are user specific in a workgroup setting. &nbsp;I may be wrong though and maybe a smarter person than I will jump in and inform you of such.
</div>


<div>
What kinds of things are you trying to do? &nbsp;Are you trying to keep one user from doing certain things like accessing programs or turning things off? &nbsp;This can be done by logging in as the user and tweaking thier registry settings which I could help you with if your just specify a little more. &nbsp;
</div>


<div>
thanks venom96737:<br />
<br />
Look, let me explain, there isn't &nbsp;enough funding, so the 20 machines that i have to work with these users don't have a server. So to have a better control on users i made aproximately 150 users on each computer, because they can arrive at different schedules.<br />
As you said i would like to for instance block the control panel through group policies, but unfortunatelly the Administrator gets restricted too.<br />
It is very simple i would like to have a global policies for the 150 users and another policy for the administrator. It seems that with Windows Server one can do that through file permision.<br />
<br />
Thanks a lot for your help<br />
<br />
Yes, for instance i would like to disable the control panel to 
</div>


<div>
you might want to look into something like this:<br />
<a href="http://www.tweakxp.com/Article37921.aspx" rel="ugc">http://www.tweakxp.com/Article37921.aspx</a><br />
download found here:<br />
<a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=D077A52D-93E9-4B02-BD95-9D770CCDB431&displaylang=en#QuickInfoContainer" rel="ugc">http://www.microsoft.com/downloads/details.aspx?FamilyId=D077A52D-93E9-4B02-BD95-9D770CCDB431&displaylang=en#QuickInfoContainer</a><br />
<br />
On a standalone its different on a server you have active directories and all sorts of goodies you could play with ntfs permissions if you like but can get be annoying and time consuming.
</div>


<div>
thanks venom96737:<br />
<br />
I tried a couple of days ago the tool Windows Steady State 2.5 and it crippled terribly a machine. It became terrible slow. Besides it activated the users welcome screen and as you can imagine 150 users it was imposible to browse your correct user.<br />
It is very sad but it seems that it is impossible to control this shared users!!!
</div>


<div>
Well if you just ensure that all of the user accounts aren't in the administrators group then though they may be able to see things like control panel, they won;t be able to do too much with it as they won;t have any rights. &nbsp;I would lobby for a s SBS personally. &nbsp;I know funding sucks, but it really should sell its self if you ave over 150 users running across 20+ machines.<br />

</div>


<div>
well robb its not impossible to do as i said create the registry batch file and run it on all accounts but to control it centrally through one edit yes thats impossible.
</div>


<div>
thanks again venom96737:<br />
<br />
Today i tried to realize what you are telling me in the last message (by a reg file double clicking inside the restricted users y also tried through group policies login scripts ). But as the users are restricted users i got errors that the registry was open.<br />
If you could give a concrete example of how to do what you are saying through batch, would be highly appreciated!!
</div>


<div>
<div class="content wysiwyg-content">
How to apply local group policies on Windows XP without affecting the administrator
</div>
</div>


How to apply local group policies on Windows XP without affecting the administrator

Microsoft Windows XP is the sixth release of the NT series of operating systems, and was the first to be marketed in a variety of editions: XP Home and XP Professional, designed for business and power users. The advanced features in XP Professional are generally disabled in Home Edition, but are there and can be activated. There were two 64-bit editions, an embedded edition and a tablet edition.