 Re: Prevent Users from editing USERS.C
If the user has local admin rights, he basically owns the system. Even if you could somehow "protect" the user.c, they could simply uncheck SecureClient in the network settings to bypass the policy, disable the services or simply deinstall the software et cetera. So all you can do is to do some "security by obscurity" - which I do not recommend.
If the external people are not meant to disable the policy, then rather solve this by an agreement they sign than trying to lockdown something you can't. |