Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 475
  • Last Modified:

Limiting User Login Times

Hello everybody,
I am experiencing problems with people logging into other peoples computers and screwing things up. This is at a site where people are working 24/7. Due to funds there are only 4 computers and they are all on a workgroup, there is no server.

On one of the computers people are logging into that users account and deleting his/her files. The problem is the user will not listen to reason and keeps on giving out her password, and the security guard will not tell anybody who is gaining access to the computer. Quite a situation, I know, but we're working with an organization who doesn't seem to care for their own rules.

So what I was hoping to do was prevent anyone from logging onto that computer during a certain time frame. The OS is Windows 2000 Pro. I don't think it is possible to do it unless it is part of a domain, but does anybody know of a way that I'm not thinking of? How about some free/really cheap 3rd party software that will do this?

I'd like to avoid this user from being locked down so tight that he/she cannot do anything on the computer.

Thanks in advance,
Tekkie Geek
0
tekkiegeek
Asked:
tekkiegeek
1 Solution
 
sunray_2003Commented:
A command like this format should work

Net user "name of the user" /time:M-F,08:00-12:00

Sunray
0
 
VinnnnieCommented:
You should really get either Windows 2000/2003 Server as this is something you can specify for each user. You can specify what the login/logout times are. Very useful. You can download an Evaluation copy of 2003 Server from the Microsoft Site. Without a Server, there's not a whole lot you can do.
0
 
Casca1Commented:
If the user is giving out her password, then there is nothing you can do, short of locking her down. Even that won't truly help, as any files they can create, even if totally locked down, the same user can also delete.
Even in a domain, this would be an issue, though you might be able to tighten things up to the point of narrowing down who could have done it.
 You might still be able to narrow it down some, by implementing auditing on all PC's.
That way, you would know by logons who had accessed the other PC's legitimately at the same time that the files were deleted.
Not much of a solution, but if the user won't stop giving out her password, My response would be cry me a river... 8-)
Essentially, it would be like calling the cops because you were robbed while you were gone, having left the front door wide open, lights on, and a note telling where the valuables are... 8-)
0
New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

 
Casca1Commented:
In retrospect, even in a domain environment, there is only one way to prevent this situation, and that is limiting logon times. But, there is even a step further you can make.
 Make the user s liable (In a domain) for anything done on the network; Email, file storage, etc. Then make it a company policy to remove access if repeated violations of policy occur. Make secure, private passwords policy, and you should be able to nail both users.
You might not be able to do anything, and management might ignore you, but you can document what has been done and why, and if push comes to shove and they show YOU the door, having documented proof will at least prevent them from denying unemployment, and also give you a leg to stand on for suit. I mean, really, you have to look at worst case scenario's. If the user gives out the password, and some other user uses it to commit company or legal violations, you could be held responsible, if your the IS/IT guy. That includes file sharing or P2P programs with illegal material shared. Or sensitive data stolen. You would be in the hotseat, and with no documentation, the one left holding the bag.
Hmmm... Doomsday never sounds good, but you have to at least LOOK at the possible outcomes.
Even Libraries are worried about the DCMA, and they pretty much keep their systems locked down.
You run open systems with full access. If legal trouble happens, is the company going to say, our bad, it was our policies (Lack thereof) and our unwillingness to enforce same that led to the breach, or are they gonna say
We thought <TekkieGeek> was following the rules and doing his job.
I don't know about you or where you work, but I wouldn't trust MY boss to cover MY butt!
0
 
tekkiegeekAuthor Commented:
Thanks sunray, that is what I was looking for

Casca, don't worry, most of the stuff you are warning me about doesn't apply to me, I have my butt covered.
0
 
sunray_2003Commented:
Cool

Sunray
0
 
Casca1Commented:
Cool, just a thought... Who, Me Paranoid? 8-)
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now