It depends on what you mean by local administrative rights. If you mean to just give a user "user rights," which...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
elevates their privilege to perform administrative tasks, then yes. To do this, just create a GPO (or modify the local GPO) and link it to the organizational unit which contains the user's computer account. Inside the GPO, configure the appropriate user rights (under the Computer Configuration|Windows Settings|Security Settings|Local Policies|User Rights Assignment).
If you want to give the user more broad power, you can use a group like the Power Users group. However, I think that this group is not as useful as we once thought. Neither does Microsoft, as they are getting rid of the Power Users group in the next release of Windows (Vista). They are moving to a concept of LUA (Least Privileged User Account).
Microsoft has not yet developed a solution for the LUA account, since they don't have anything they can configure to allow the user to function as a LUA, but be able to perform other administrative tasks, which is what you are asking. However, there is a third party solution called PolicyMaker Security Application. This tool works seamlessly with Group Policy and allows individual tasks and applications to be elevated to administrative levels. Other solutions like RunAs, RunAs Professional, and Drop My Rights are for administrators, not end users. These tools don't provide the end user with the least privilege access.
Dig Deeper on Microsoft Group Policy Management
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.