We are currently trying to allow user's to be admin's but blocking off certain access to the OS. Is there a way to block sudo access for an admin account? Most of our users don't need to access the terminal, so I can block it completely if I have to, but would like to just dumb down their access.
You could modify /etc/sudoers. I'm not sure if any recent versions of macOS changed our ability to edit that file or if it's SIP protected, but back in the old days I used to push out a modified version of that.