<div>
The Restricted Groups policy setting is a good way to accomplish this.<br />
<a href="http://www.windowsecurity.com/articles/Using-Restricted-Groups.html" rel="ugc">http://www.windowsecurity.com/articles/Using-Restricted-Groups.html</a><br />
<a href="http://technet.microsoft.com/en-us/library/cc756802.aspx" rel="ugc">http://technet.microsoft.com/en-us/library/cc756802.aspx</a><br />

</div>


The Restricted Groups policy setting is a good way to accomplish this.
http://www.windowsecurity.com/articles/Using-Restricted-Groups.html [http://www.windowsecurity.com/articles/Using-Restricted-Groups.html]
http://technet.microsoft.com/en-us/library/cc756802.aspx [http://technet.microsoft.com/en-us/library/cc756802.aspx]


<div>
Hi Armyn,<br />
Thanks for the tip - looks good to me. Have accepted your solution but would appreciate the script if you could spare me the time. I've not dabbled too much with this!<br />
Best regards,<br />
Alan.
</div>


Hi Armyn,
Thanks for the tip - looks good to me. Have accepted your solution but would appreciate the script if you could spare me the time. I've not dabbled too much with this!
Best regards,
Alan.

<div>
<div class="content wysiwyg-content">
Hi Y'all,<br />
On the network I look after, a lot of PCs have been identified as having a user account that can be logged on to locally giving full admin access to the machine thus bypassing all security measures in place. <br />
I can get rid of this by logging on to the machine as an administrator and deleting the admin rights from the user. This solves the problem but with 600 PCs on the newtork, can anyone point me at a quick solution/script etc that will do the biz?<br />
Ta.
</div>
</div>


Hi Y'all,
On the network I look after, a lot of PCs have been identified as having a user account that can be logged on to locally giving full admin access to the machine thus bypassing all security measures in place. 
I can get rid of this by logging on to the machine as an administrator and deleting the admin rights from the user. This solves the problem but with 600 PCs on the newtork, can anyone point me at a quick solution/script etc that will do the biz?
Ta.

Delete user account that can be logged on to locally giving admin rights

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.