|It is NOT clear from what you've said so far whether you're talking about the built in Administrator user, or allowing a user other than that who presently has limited privileges to have administrator privileges - be designated a Computer Administrator for their user other than the built in Admiinistrator user. All users of XP have administrator privileges by default, except the built in Guest user if that's enabled which has limited privileges, unless someone with administrator privileges changes that to limited privileges. |
See the last part of response 2:
"I am forced to provide admin user for limited time"
In any case, if you're NOT talking about the built in Administrator user, any new user(s) he makes BEFORE whatever reason expires for his user to have administrator privileges and his user has been changed to having limited privileges can be deleted. If his user has limited privileges he can't change that so he has administrator privileges.
However if he knows he can access the built in Administrator user in Safe mode, it has no password by default and he could still make his own user(s) that has(have) administrator privileges at any time.
It's a matter of whether he knows enough to get around the way things are, as LMiller7 said, and/or how determined he would be if he doesn't and wants to find out, and his ethics - morality - can he be trusted to NOT do that even if he knows how or he finds out how..
I sometimes help out at an extended care center. They have a computer room any resident can access that has several computers set up as a local network, all of which are presently using OEM XP Home. The "Residents" user has been assigned limited privileges on all the computers in that local network, and the XP built in Administrator user has been assigned the same password on all the computers. Only a very few trusted people know the password for the built in Administrator user - it has been changed several times.
When someone needs to install a program or game and the limited privileges of the Residents user prevents them from doing that, one of the few residents or a staff member who knows the built in Administrator user password does that for them, or assigns administrator privileges to the Residents user for a short time so the person can install what he wants to install, or if they contact me, I'll do the former for them.
The extended care center has a mix of ages of residents, teenagers to seniors, whose computer literacy varies for those who have used them, yet there has been NO PROBLEM that I know of of anyone having made their own user that has administrator privileges on any of those computers over the 9 years I've been helping out there.
I suspect that's because of morality - the few residents and staff members who DO know how to get around things have not done so because that wouldn't be right.
If you don't trust this guy, can you do whatever he wants to do for him rather than him doing it ?