Solved

active directory OU

Posted on 2011-03-18
6
209 Views
Last Modified: 2012-05-11
i have windows 2003 servers in an active directory domain -  i don't want to allow a few users from being able to add any software - unfortunately - i can't keep the users out of the local admin account. i was assuming i could accomplish this through group policies - however - when i was poking around in group policies i didn't see how i could keep people from adding software - what am i missing?
0
Comment
Question by:JeffBeall
6 Comments
 
LVL 29

Expert Comment

by:Randy Downs
ID: 35168517
You really need to lock down the local accounts. I'd remove all but guest & admin account with a password.
0
 
LVL 29

Assisted Solution

by:Randy Downs
Randy Downs earned 166 total points
ID: 35168539
Note you can let users have local accounts as long as they are not admins
0
 
LVL 1

Author Comment

by:JeffBeall
ID: 35168564
we have a software package that requires the user to be the local admin, that is why i said

"i can't keep the users out of the local admin account"
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 27

Accepted Solution

by:
KenMcF earned 167 total points
ID: 35168592
If the users are local admins they can bypass any restricted polciy you set on that computer. You can look into third party software like DeepFreeze

http://www.faronics.com/en/Products/DeepFreeze/DeepFreezeEducation.aspx
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 167 total points
ID: 35168595
You can use software restriction policies   http://technet.microsoft.com/en-us/library/bb457006.aspx  in Windows 7 it is improved and known as applocker.

Thanks

Mike
0
 
LVL 1

Author Closing Comment

by:JeffBeall
ID: 35180625
thank you
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question