Hello All,
I would like to give to my users, who do not have administrative privileges on their local Windows boxes, the ability to use other credentials with admin privileges so they install. So, it's easy enough to create an admin account, however, I'd like to prevent people from actually using it to login into windows (thus bypassing my domain and its GPOs) and prevent creating a local profile (sort of like /sbin/nologin in /etc/passwd). Like this, I can restrict the use of the admin account to its intended purpose - allowing them to install, but making them jump through a hoop. Or is there a better way to lock down users but still allow them to install? Kish N Kepi
