Local Security Settings (Admin Users)

How do I prevent users with Administrator privileges [other than the
Administrator (root) account of course] to access / edit the Local Security
Policy settings.

Thank you in advance for any feedback.

"AlohaMahalo" <AlohaMahalo@discussions.microsoft.com> wrote in message
news:71399FD6-38F7-4621-AE78-181ED26FA794@microsoft.com...
> How do I prevent users with Administrator privileges [other than the
> Administrator (root) account of course] to access / edit the Local
> Security
> Policy settings.
>
> Thank you in advance for any feedback.
>
All members of the administrators group have the same privileges.
You cannot keep a member of this group from doing whatever they wish
whenever they wish.
You can deny access do the program which does the magic with the LSP, but
all that would do is slow a determined user down.
Jim

Hi Jim,

Sounds good to me. Is there a step by step procedure that describes how you
can do that? Any help appreciated. Thank you so much.

"Jim" wrote:

>
> "AlohaMahalo" <AlohaMahalo@discussions.microsoft.com> wrote in message
> news:71399FD6-38F7-4621-AE78-181ED26FA794@microsoft.com...
> > How do I prevent users with Administrator privileges [other than the
> > Administrator (root) account of course] to access / edit the Local
> > Security
> > Policy settings.
> >
> > Thank you in advance for any feedback.
> >
> All members of the administrators group have the same privileges.
> You cannot keep a member of this group from doing whatever they wish
> whenever they wish.
> You can deny access do the program which does the magic with the LSP, but
> all that would do is slow a determined user down.
> Jim
>
>
>

You've asked your question twice here.

Anyone in the group named "Administrators" can do whatever they want on the
computer. You can't do anything to prevent this.

--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com



"AlohaMahalo" <AlohaMahalo@discussions.microsoft.com> wrote in message
news:A31EC1DB-4252-42B2-BF11-95AF95669A0D@microsoft.com...
> Hi Jim,
>
> Sounds good to me. Is there a step by step procedure that describes how
> you
> can do that? Any help appreciated. Thank you so much.
>
> "Jim" wrote:
>
>>
>> "AlohaMahalo" <AlohaMahalo@discussions.microsoft.com> wrote in message
>> news:71399FD6-38F7-4621-AE78-181ED26FA794@microsoft.com...
>> > How do I prevent users with Administrator privileges [other than the
>> > Administrator (root) account of course] to access / edit the Local
>> > Security
>> > Policy settings.
>> >
>> > Thank you in advance for any feedback.
>> >
>> All members of the administrators group have the same privileges.
>> You cannot keep a member of this group from doing whatever they wish
>> whenever they wish.
>> You can deny access do the program which does the magic with the LSP, but
>> all that would do is slow a determined user down.
>> Jim
>>
>>
>>