www.kreslavsky.com

There is no 100% foolproof  solution that blocks local admin users access the option of disjoining their computer from domain , but you can make it harder to get to system menu.

I remove the "properties" from when you right click on my computer.
Then i also remove system applet from control panel menu ,and disable registry editing.

To disable right click on my computer go to Group Policy.
Navigate to  User Configuration>Administrative templates>Desktop
Locate “Remove Properties from the My Computer context menu” and set it to “Enable”

You should check also How disable  Right Click Properties on my computer on windows 7/Vista

Than navigate to User Configuration>Administrative templates>Control PanelLocate “Hide specified Control Panel applets”Set it to “Enabled” and add Sysdm.cpl to the list of disallowed Control Panel applets.

To block Sysdm.cpl  from executing

Navigate to User Configuration>Administrative Templates>System

Navigate to “Don’t run specified Windows application” set it to “Enabled” and add Sysdm.cpl  to the list of disallowed applications

Related Articles

• Windows Control Panel CPL Files list and description (0)
• Top Windows 7 Icons Download Sources (0)
• ***** MAKING MEGA VIRUS 2008 DESTROY WINDOWS ***** (25)
• Windows Server 2008 Hyper-V Demo on Quad-Core Intel Xeon (24)
• Prevent users from deleting start menu items via GPO (0)
• How to apply Windows 2008 gpo when you have 2003 DC’s only (5)
• Change default save as location for Office 2007 via GPO (0)
• Terminal Server 2008 Sounds and Beeps on errors (0)
• Disable File And Folder Sharing, via GPO (5)