Use Local Security Policy/security settings/local policies/user rights where
you can modify the logon locally and deny logon locally user rights. The
deny setting overrides the logon locally setting and be careful as
administrators are also members of the users and everyone group. It
generally is best to avoid using the deny setting. --- Steve
