We are slowly working towards AD, hopefully sooner than later but that is a different group, Server Management. Being given 'Power User' or any other non 'user' account type is a privilege, anyone found to have stopped a service without express permission from myself will face misconduct charges, which may result in job loss! This wouldn't fly in our organization and that is part of the problem I have. Most of the users who are disabling these services are the associates in the IT/Support area who are afraid of Big Brother watching. Although these services don't monitor anything the user does just where the asset is located. Someday for me this job will be easy once the domain is in place, but until then I still have to construct these means to obtain a solution. I appreciate all the help I am receiving here and this board is awesome!! I am looking at editting permissions with Subinacl. I am hoping soulin will let me know the syntax I would need to deny these services for certain users. I am still not sure what happens if the user Disables the service, but hopefully I can find a way to both re-enable the service and restart the service if it was in the stopped and disabled state then change the permission for the user-deny to ensure it from not happening again. Who knows.....I know I have my work cut out for me. Thanks again.