depending on your setup, this could be done a variety of ways
making a network user a local admin
making a local admin account for the user (lots of work to make them unique to each machine)
one need not run as an admin to have the benefits of knowing admin credentials.
The benefit (or the cost) of that is obviously up to you and yours.
I fall in the middle of the argument (between let them run free and lock them down to nothing) in terms of employees.
Letting students run as admin, seems a little nuts, giving students access to admin credentials isn't a much better solution.*
If you need examples of what students do wrong with computers, things that put the school at risk and liable please hit me up off list (not the point of this discussion).
I get that people take better care of resources that they are the sole beneficiary of, but some of the potential negatives aren't just limited to the individual user or machine.
In addition, I once had a knowledgeable employee user waste 2h installing the wrong version of a piece of software
and our mail server was once taken down bc a user brought in a mass mailing virus from home.
Many of these issues can be addressed with proper PD, some of them cant.
I am not telling anyone what to do, just passing along my experience.
I am writing this as a person who has students 9-12 (we are k-12) its at that age group where the malicious behavior seems to occur (those few bad apples that spoil the bunch)
For those of you going this route, consider issuing SD cards if your machines have SD card readers built in. Although there is a privacy downside (some other user steals the card) Since the card resides in the machine, its always there (less likely to be lost or misplaced like a flash drive) and is an option for the user to use for BKP or file transfer.
* mitigated in large part if these machines are running on their own separate network (separate from the school and each other).