Yes, this is what I have done because our base server admins are a bunch of egotistical, self-righteous, ..... Ok, sorry 'bout that. As unMicrosoft-recommended as it is, put specific user-id's in the permissions list of a server / array. This way jerky admins and others you don't want to have the ability to configure ISA can't add themselves to groups to get access. Make sure to leave the SYSTEM account in the list and make sure you don't apply changes without yourself having full-control :) -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT7 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Periyasamy, Raj [mailto:Raj.Periyasamy@xxxxxxxxxxxx] Sent: Friday, August 02, 2002 1:29 PM To: [ISAserver.org Discussion List] Subject: [isalist] ISA server access security http://www.ISAserver.org What is the best way to restrict configuration access to the ISA server only to a specific user ID ? Can I remove the Full control permissions given to the Local administrators group ? Regards Raj ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')