GP editor question

[roger]

I think i asked this question, but i don't think ive gotten it fixed yet.

xp pro SP2 installed. Single computer, no domain.
Goal: Prevent any user except one specific administrator from changing any
settings within secpol. Is this possible? if so, how?

 

[Wesley Vogel]

can get you to Administrators, but not one specific Administrator.

How to apply local policies to all users except administrators in a
workgroup setting in Windows 2000
http://support.microsoft.com/?id=293655

HOW TO Apply Local Policies to All Users Except Administrators on Windows
Server 2003 in a Workgroup Setting
http://support.microsoft.com/kb/325351

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

 

[Steven L Umbach]

Only administrators can open and use Local Security Policy. While
realistically you can not restrict a knowledgeable administrator what you
could try is to give users/group deny permissions to the
\Windows\system32\group policy\machine folder and that user or user in the
group will not be able to open Local Security Policy of local Group Policy
unless they figure it out and remove the deny permissions. --- Steve