Let me be the first to tell you not to. Bert has already given reasons why. Furthermore:
* If users are local admins, they can override any NTFS permissions you have given to limit their access to files/folders on that computer.
* If users are local admins, they can override any Group Policy settings you have given them.
Rule of Thumb: You can NOT deny an administrator. The ONLY account that has any power over users with administrative rights is the built-in account known as Administrator. And the only power it has over users with administrative rights is the power to revoke their administrative status.
To be honest, on a network that is set up properly, you should rarely have to log on as administrator, anyway.
JamesNT