<div>
The Administrator account has unrestricted privileges. So removing any unwanted users can always be done by a domain admin or local admin.<br />
<br />
As for privilege elevation this cannot be done if you as a domain/local admin have restricted the users in a group to a specific set of privileges which doesn't include elevating privileges.
</div>


The Administrator account has unrestricted privileges. So removing any unwanted users can always be done by a domain admin or local admin.

As for privilege elevation this cannot be done if you as a domain/local admin have restricted the users in a group to a specific set of privileges which doesn't include elevating privileges.

<div>
oops just missed by a few minutes
</div>


<div>
<div class="content wysiwyg-content">
Hello All,<br />
<br />
I would like to ensure that no unauthorised changes can be made to any of the Schema, Domain and Enterprise groups. &nbsp;Basically in the unlikely event that someone manages to elevate permission - I want the additional &quot;user&quot; that has been added to be removed.<br />
<br />
Can anyone advise with details on how to achieve<br />
<br />
Best regards<br />
<br />
Byron
</div>
</div>


Hello All,

I would like to ensure that no unauthorised changes can be made to any of the Schema, Domain and Enterprise groups.  Basically in the unlikely event that someone manages to elevate permission - I want the additional "user" that has been added to be removed.

Can anyone advise with details on how to achieve

Best regards

Byron

Restrict users that can be added to specific groups - Schema Admin, Domain Admin, Enterprise Admin

The Microsoft Legacy Operating System topic includes legacy versions of Microsoft operating systems prior to Windows 2000: All versions of MS-DOS and other versions developed for specific manufacturers and Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions, and Windows Mobile.

Microsoft Legacy OS

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.