I need an admin account whose password other admin accounts can't change.\n\nThe Microsoft way to make the administrator password inaccessible to other\nadministrators is to force the creation of another security scope: a new\nbox, a new domain, a new virtual machine.\n\nWhat I need is a way to keep battling adminstrators of the same domain from\nlocking each other out.\n\nCan this be done, with or without other tools?\n\nThe need is especially acute on laptops, whose owners should, kind of, have\nadmin permissions, anyway. Some people are nice and won't mess with you.\nBut you get wretched people too, people who should probably be driving cabs\nbut get hired anyway who will make me use ERD to recover the password.\n\nIsn't anyway to get a programmer into Internet Services Manager without\nmaking him an admin? This is just wrong. I need to withhold configuration\ncontrol from warring programmers.\n\nConsidering these problems, I'm amazed Microsoft ever sold copy 1 in an\nenterprise environment. Nice desktop, but as an enterprise OS, the security\nfeatures are lacking.