We are a K12 school district with a mix of XP and windows 7 machines. We use eDirectory to authenticate. We are at ZCM 10.3.

I have created a dynamic local user policy and associated it with every user. What I would like to have happen is when the user logs in for the first time, a new local user is created with the same username and password as eDirector for local access to the workstation. I would like the user to have full admin rights to the local machine.

I have the following settings set in the policy:

Use User Source Credentials (checked)
Manage existing user accounts (checked)
Member of Administrators, Power Users, and Users

Currently when a new user logs in, it logs them in just fine, creates the local user but the user does not have Admin Rights to the local machine.

Any users that have already logged in once to the workstation, when they relogin after someone else has logged into the machine, the local workstation authentication box appears requesting them for local machine credentials. (With the option to "change password to match" box)

I have checked the policies tab of the local ZCM agent and it says the policy was successfully applied.

Can someone educate me on the proper way to do this?

Thank you in advance.

Scott Getter