I will be way in the minority, but I actually allow my users to have LOCAL Admin privileges. You can still use NTFS permissions to lock down folders.

I know it opens you up to downloads and viruses, etc. But, you can use group policy IF have Active Directory on a server. It just seemed like I was constantly having to Run As Administrator whether to troubleshoot, fix or work on the computer.

That's one opinion.

Now, everyone else will tell you not to. smile


Bert
Pediatrics
Brewer, Maine