This Content Component encountered an error
This Content Component encountered an error
This Content Component encountered an error
I am creating a "Gold" image for a group of laptops to be used in a large WLAN. I am interested in locking down certain and various functions. I want to use Policy Editor on the local machine to accomplish this. I know that many or most of the changes using gpedit.msc will affect administrators.

How much of this can I prevent or mitigate and how do I do it?

The simplest way I can think of would be to create your local policies as needed and then set domain or organizational unit (OU) policies in Active Directory (if you have it) to grant these "rights" back to administrators. In this case, where there's a conflict, local policies will be assigned a lower priority than your AD policies and thus will be overridden.

EDITOR'S NOTE: Here are some links to help you lock down your Windows laptops:

  • Learning Center: Securing Windows laptops
  • Tip: Physical security for laptops
  • Step-by-Step Guide: Locking down laptops that connect to hotspots
  • Tip: Don't let laptops infect your network
  • Tip: Physically secure all systems
  • This was last published in September 2005
    This Content Component encountered an error

    PRO+

    Content

    Find more PRO+ content and other member only offers, here.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.
    This Content Component encountered an error

    -ADS BY GOOGLE

    SearchVirtualDesktop

    SearchWindowsServer

    SearchExchange

    Close