<div>
<div class="content wysiwyg-content">
Initially, an application we had required local admin rights. &nbsp;That requirement has been changed but we in I.T. are left with the headache that it leaves behind. &nbsp;We have around 200 PC's all with local admin rights. &nbsp;I have two questions:<br />
<br />
#1) &nbsp;How can we change their local group membership via a group policy object (GPO)?<br />
#2) &nbsp;If number one can't be done, how can we stop local admins from installing software?<br />
<br />
Environment info:<br />
Windows 2003 domain w/ active directory<br />
50% Windows 2000<br />
50% Windows XP<br />
<br />
Appreciate any ideas or thoughts!
</div>
</div>


Initially, an application we had required local admin rights.  That requirement has been changed but we in I.T. are left with the headache that it leaves behind.  We have around 200 PC's all with local admin rights.  I have two questions:

#1)  How can we change their local group membership via a group policy object (GPO)?
#2)  If number one can't be done, how can we stop local admins from installing software?

Environment info:
Windows 2003 domain w/ active directory
50% Windows 2000
50% Windows XP

Appreciate any ideas or thoughts!

Disable Local Admins From Installing Software

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.