A
Anand Shankar
Under our Domain Policy, we wish to implement a strict regime of users not
having ANY local administrative privilege. We wanted to avoid users
installing any new software without a formal request. We therefore seized
all loacal Adminisratator passwords.
To our dismay, we have following problems and want a solution for them:
a) Users are not able to use USB Storage devices, as it requires
Administrative Privileges
b) Users are not able to use Scanners / CD_Writers as it requires
Administrative Privileges
c) Users are not able to install a new printer / printer driver as it
requires Administrative Privileges.
Is there a way to do all this without giving local administrative
privileges?? I would like to have a OU-specific POWER-USER group whose
members can do all the above except use of USB storage devices, which I want
all users to have the privilege.
Anand Shankar
having ANY local administrative privilege. We wanted to avoid users
installing any new software without a formal request. We therefore seized
all loacal Adminisratator passwords.
To our dismay, we have following problems and want a solution for them:
a) Users are not able to use USB Storage devices, as it requires
Administrative Privileges
b) Users are not able to use Scanners / CD_Writers as it requires
Administrative Privileges
c) Users are not able to install a new printer / printer driver as it
requires Administrative Privileges.
Is there a way to do all this without giving local administrative
privileges?? I would like to have a OU-specific POWER-USER group whose
members can do all the above except use of USB storage devices, which I want
all users to have the privilege.
Anand Shankar