We have a network with Windows XP and Windows 7 client workstations and a Windows 2008R2 domain controller.
- Users need to be able to install applications and updates.
- Several users have roaming profiles.
- Workstations need to be usable by multiple users
Based on the above needs, we've had to give multiple users local Administrative access. This allows functionality, but opens us up to security issues. Users can use UNC to connect and browse file resources on different workstations.
Has anyone had to deal with this issue? Any thought or recommendations on how to get a balance of functionality and security?
Thanks in advance.