I have asked this question once with no solution. Going to aske again with more points
I have a laptop user that needs to have local permission to do some trouble shooting with AT&T on his air card. I do not trust this user as far as I can throw him. I do not want to change his permission to a power user at a local level. Can I create a security setting in active directory that will give this user local power user rights. This way I can give and take away this security to any user any time I want to do so.