Windows Domain Admin rights insufficient

I have a lab(ish) environment where I have a single domain in a single forest. I have a Windows 7 image for the clients that was given to my by my organization (I didn't build it, not entirely sure who did) and I'm finding that there are a number of items that users (even admin users, even domain admin users) can't change in the Windows 7 environment, including but not limited to Trusted Sites in IE, Power Options (specifically, configuring when to lock the display), etc. Those are the main two that I want to affect, but am presented the message that "some settings are controlled by your administrator.." that I've seen about a million posts about.

What I've tried so far
– Group Policies
– Registry settings
– Local Security Policies
– Unlocking the 'hidden' admin & using them
– Adding the users to the 'restricted group'

None of these seem to have an effect. The Group policies are applied, and GPResult show the as I would expect. As an example, I see a custom power profile that I applied in a GPO, and it even sets all the settings as I had it, except the 'disable display' setting, which is still set to what it was w/o my policy, and is still grayed out to prevent change.

Is there anything else I can look at to regain control over my client machines?

**** UPDATE ****
I didn't call it out before explicitly, but I have moved the computer into a new OU that doesn't inherit the GPO, and per suggestion I removed the machine from the domain. The settings remained in place. When that failed, I re-enabled the local admin and logged on as same to see if that would solve the issue, it did not. I suspected from the beginning that whatever the issue is was done at the image level, since all the workstations are built off the same image and (as demonstrated) it seems to be a setting that's neither set by the domain nor ignorable via group policies (at least not by means that I'm aware of)