Non-administrative users are given administrative privileges to complete their work all the time, even today. Misuse results in them being disciplined or fired. Heavy-handed privilege controls are very often a drain on the productivity of users and can result in stupid or dangerous (from a security standpoint) workarounds. 20 years on, you have to exercise more judgement in what you allow considering modern risks, but the idea that you shouldn't make things harder for people over a small number of bad actors that you can handle at an organizational level is still a good one.
