I have a non-win2000 certified program that works fine on a stand alone machne under Win2000 prof if logged on as an administrator, or power user. It will not run for normal users. I understand some legacy applications behave this way. I don’t want to give everyone power user privledges with the ability to add users and manage accounts, as only certain people are suppose to use this computer. Is there a way to generate a group profile (or other work around) with security privledges between those of a power user and a normal user that will let them run these applications without all the other power user rights? I didn’t see any obvious settings in the administrator tools for local security settings.