Thank you Darren From: "Darren Mar-Elia" <[EMAIL PROTECTED]> Reply-To: [email protected] Jeri- (Not sure about the thread this email came attached to but here goes)
Yes, you can use Restricted Group policy for this purpose. Its under Computer Configuration\Windows Settings\Security Settings\Restricted Groups. Simply link a GPO to the OU(s) where those laptop machine accounts reside and then set the "Members of this Group" option on the local Administrators group and add your manager's user id. Note that using this option is an exclusive arrangement, meaning that if you only add the local manager's account, all other groups (except local Administrator) will get removed from the local Administrators group, so you'll need those other groups in the list if you don't want that to happen. Darren=20 List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
