Thus far I have not been able to find an acceptable answer to this. Simply put, a local administrator has administrative rights to the client and can do whatever they want to it. I’ve worked in an organization for 7 years that required their users to have locate admin rights on their workstations. In reality, they did not require it.
A best practice is to manage your networks with the practice of least privilege. This means that we give our users the ability to do what they need to do their jobs and nothing else. Anything else would be a waste of company time and resources since it is outside the scope of their job descriptions. Altering the user rights, or creating a group that had the appropriate user rights would solve this issue. This will take some research and testing, but the long term cost savings in user down time and IT support cost should easily justify the project.