Keeping domain users from being local administrators is a security issue. I
am not sure whether you are going to find any whitepapers that discuss this,
but IMHO giving users local administrative privilege creates more problems
than it solves. End users can do nearly everything having regular
permissions.
I would basically detail all of this in a memo, and give them a couple of
scenarios, and show what could happen if they had local admin privilege, and
then what will happen if they don't.
HTH
____________________________________________
Andre Correa
Senior Manager/Information Technology
Lexitron, Inc
(201) 892-6399
-----Original Message-----
From: Greg Marcom [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 30, 2001 1:22 PM
To: NT System Admin Issues
Subject: Local User account selection
I need to find a list or article that details why a domain user should not
be part of the local admininstrator group. I have been telling these
people that it is not safe, and it is wrong. But I can't find anywhere on
paper that I can show them. Does anyone have any suggestions?
Greg Marcom
[EMAIL PROTECTED]
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
