Group Policy to remove Domain\Local Admin

Posted on 2011-09-23
Last Modified: 2012-05-12
I am looking for a Group Policy to remove DomainName\Local Admin  from my workstations. Attached is a screen shot of the Local workstation, Computer Management, Local usere and groups, Administrators  with the Member I want to remove from my domain workstations.

Thank you  [
Question by:Randy Madej
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36586499
Use within that GPO node named Restricted Groups. You can read more abot that in the Internet because it's inconvenient placing links on a mobile ;)

If you have at least one Win7/2008 you can use Group Policy Preferences for that, but firstly you need to install Client Side Extension on XP/ 2003 machine. I will post links a little bit later or you can google for that. Thanks


Author Comment

by:Randy Madej
ID: 36586555
The networi is most xp machines I have 4 Win 7 and all servers are 2003
LVL 39

Accepted Solution

Krzysztof Pytko earned 500 total points
ID: 36586667
So, in my opinion it's better to use GPP. Instal CSE on each XP/2003 and create GPP on a 7 import to 2003 GPO and link to OU(s).

GPP information aboy that

CSE for XP

CSE for 2003

you can install that update from WSUS

If you don't want to use GPP, then use Restricted Groups

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

LVL 23

Expert Comment

by:Stelian Stan
ID: 36586687
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36586717
Nope, this link from Mike's blog is for filtering GPO appliance :) He needs to restrict membership of local Administrators group on a server/PC :]

LVL 23

Expert Comment

by:Stelian Stan
ID: 36586734

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question