A local group is created and available only on a local, single computer. Windows creates default local groups automatically during installation. These groups have default rights, permissions, and group memberships. You can rename these groups, but cannot delete them. Some default groups are listed in the following table:
|Administrators||Members of the Administrators group have complete and unrestricted access to the computer, including every system right. The group contains the Administrator user account (by default) and any account designated as a computer administrator.|
|Backup Operators||Members of the Backup Operators group can back up and restore files (regardless of permissions), log on locally, and shut down the system. However, members cannot change security settings.|
|Users||Members of the Users group:
You should know the following about the Users group:
|Power Users||Members of the Power Users group have no more user rights or permissions than a standard user account, by default. For legacy applications requiring the same Power User rights and permissions that were present in previous versions of Windows, administrators can apply a security template that enables the Power Users group to assume the same rights and permissions present in previous versions of Windows.|
|Guests||Members of the Guests group have limited rights (similar to members of the Users group), such as shutting down the system. Members of the Guests group have a temporary profile created at log on, that is then deleted when the member logs off.|
Note: Additional groups, such as Network Configuration Operators and Replicator, also exist. Additionally, many features or applications may create default groups. In most cases, you should not modify the membership or privileges of these groups without understanding how they are used.