If you want to grant SA privileges to all local administrators, just create a sql login for the local administrator group and add it to the sysadmin server role.
If you do not want SA access, make sure that login is not part of the sysadmin server role.
However, a local administrator can impersonate other local windows accounts like the NT AUTHORITY\SYSTEM
account. That one always has SA access to any local SQL Server instance when using integrated security. That means you cannot really prevent a local admin from getting sysadmin access.
For details on gaining SA access to a SQL 2008R2 instance as a local admin, checkout this link: http://www.mssqltips.com/sqlservertip/2682/recover-access-to-a-sql-server-instance/