Why Local administrator membership is deleted, when the domain users shut down and restart their PC

Hi
We had Windows 2008 Domain controllers and we have virtualised all our servers and our DCs are Windows 2012.

Windows XP PC (300)
Windows 7 (10 PCs)

We started upgrading our PC from windows XP to 7 . I have observed that some of the settings in Windows 7 PCs are not getting applied successfully as applied in XP.
For example;
Restricted user can customise the desktop in XP, but it doesn’t allow in Windows 7.
Restricted user logged in a XP cannot see Remote desktop and command prompt, but they can see the RDP and command prompt under Windows7 accessories.

When I asked my predecessors, they said the GPO was done for XP and because the GPO was done for XP, and this GPO will not get applied properly to windows 7 PC.

If I go to Windows 7 users PC and log in as administrator and add our domain users to a Local administrator group. When the domain users shut down and restart the PC and login the local administrator membership is deleted.
I don’t how this is happening.
But at the same time it doesn’t delete the local administrator membership on windows XP PC, it retains the membership even after it is rebooted and logged in back.

Please suggest how this can be resolved so that the local administrator membership doesn’t get deleted when they shut down the PC and log in back.

Thanks
lianne143Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
All of the things you listed are configurable group policy settings. And just so its clear, the defaults have not changed between XP and win7. So the differences are because of policies being enforced. Group policy inheritance, WMI filtering, and the plethora of settings make it fat too complex to go into in a single EE reply given your existing environment.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
lianne143Author Commented:
Thanks for your post.
Actually  we have a program installed on our Windows7 PC. We have a couple of domain users who use this program and when they open this shortcut it asks for administrator password.

If I give a local administrator permission on their Win7 PC to this domain user , and when they open this program, it doesn't prompt for administrator password and successfully opens.

Is there a different  way of sorting this so that it doesn't prompt for a administrator password OR
Can you please post me tutorials  as how to assign local administrator permissions in my network condition.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.