In case any other admins replace the security template, and I would know by using this unique registry key. Also...
by using this registry key, I would also know the number of desktops deployed with the desired security template.
Sure, it's possible to plunk in your own registry key using security templates, but I don't think your ultimate goal is going to be achieved. To me, it sounds like prevention is the most important thing you'll want to perform here. That is, the prevention of other admins stomping over the security template you lay down on those 4,000 desktops. In short, admins are admins, and registry key or not, there's nothing you can do really to stop a fellow admin if he's set on changing it.
Dig Deeper on Microsoft Active Directory Security
Related Q&A from Jeremy Moskowitz
Expert Jeremy Moskowitz explains to a reader what is required when making changes to a registry key in Group Policy.continue reading
Can I append Domain Groups to the local 'Admin' Group of Domain Computers without affecting the exis
Expert Jeremy Moskowitz explains what an admin would need to do to append Domain Groups to the local 'Admin' Group of Domain Computers without ...continue reading
How can I restrict rights for a group of users on a specific OU of computers, but not on any compute
Expert Jeremy Moskowitz shows a reader how to use loopback policy processing to restrict rights for a group of users on a specific OU of computers.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.