I don't set the rules
I just follow the script
and, unfortunately, modern kit DOES have all the whistles and bells [USB / FDD / CD-DVD ROM]
it was / still is an easy option
it allows any user who has an account on the server, to log in and have admin rights on that machine
ANY machine in the domain
have seen and implemented it in too many places now
nothing suprises me anymore
I would have thought / hoped that there was a 'better' way that would be easier to implement that would 'filter' some accounts, and allow others
but, so far, login and be your own admin
there ARE restrictions on www usage and D/L's
but to me, the words 'stable door' and 'horses' come to mind ..............
Reply With Quote