prytaneion
asked on
Delete user account that can be logged on to locally giving admin rights
Hi Y'all,
On the network I look after, a lot of PCs have been identified as having a user account that can be logged on to locally giving full admin access to the machine thus bypassing all security measures in place.
I can get rid of this by logging on to the machine as an administrator and deleting the admin rights from the user. This solves the problem but with 600 PCs on the newtork, can anyone point me at a quick solution/script etc that will do the biz?
Ta.
On the network I look after, a lot of PCs have been identified as having a user account that can be logged on to locally giving full admin access to the machine thus bypassing all security measures in place.
I can get rid of this by logging on to the machine as an administrator and deleting the admin rights from the user. This solves the problem but with 600 PCs on the newtork, can anyone point me at a quick solution/script etc that will do the biz?
Ta.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Armyn,
Thanks for the tip - looks good to me. Have accepted your solution but would appreciate the script if you could spare me the time. I've not dabbled too much with this!
Best regards,
Alan.
Thanks for the tip - looks good to me. Have accepted your solution but would appreciate the script if you could spare me the time. I've not dabbled too much with this!
Best regards,
Alan.
http://www.windowsecurity.com/articles/Using-Restricted-Groups.html
http://technet.microsoft.com/en-us/library/cc756802.aspx