If it is only Windows 2000/XP, thenyou could create a Kixtart script containing the local admin password that runs at startup and adds the logged in user to the admin group. you then create a second script that removes the suer upon logoff and run that via policies. However, if the computer is nit shut down cleanly, the user will stay int he admin group.
Secondly it is easy for that user to make himself a member of the admin group permanently.
Personally, I would give those users the local admin password to those computers. It is also not a safe way of doing business but less trouble with the same end result.
However, I would only do this if there is absolutely no other way because I wouldn't trust those machines anyway since they are in a non-secure environment.
[ 03. September 2002, 23:27: Message edited by: sealeopard ]
_________________________
There are two types of vessels, submarines and targets.
