One chestnut from my history in lottery game development:
While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.
Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
Removed admin access for all developers without warning and without a means for us to install software. We got access back in the form of a secondary admin account a few days later, it was just annoying until then.
I had the same problem once. Every time I needed to be an admin, I had to send an email to an outsourced guy in another country, and wait one hour for an answer with a temporary password.
With WSL and Linux, I needed to be admin 3 or 4 times per day. I CCed my boss for every request. When he saw that I was waiting and doing nothing for 4 hours every day, he sent them an angry email and I got my admin account back.
The stupid restriction was meant for managers and sales people who didn’t need an admin account. It was annoying for developers.
I worked at a big name health insurance company that did the same. You would have to give them an email, wait a week, then give them a call to get them to do anything. You could not install anything yourself, it was always a person that remote into your computer. After a month, I still didn’t have visual studio installed when they wanted me to work on some .Net. Then they installed the wrong version of Visual Studio. So the whole process had to be restarted.
I got a new job within 3 months and just noped out.
Local admin of your interactive account is just. Ad though.