[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Cannot access domain through Secpol.

Posted on 2004-09-01
5
Medium Priority
?
290 Views
Last Modified: 2010-03-18
Hi

I want to control which domain users can and can't log on to a certain workstation. I logged onto the workstation as a local administrator and ran the secpol snap-in. I went to Local Policies/User Rights Assignments/log on locally and could see all the local & service accounts, but I could not access the domain - the box was grayed out.

Any ideas?
0
Comment
Question by:Jason210
  • 3
  • 2
5 Comments
 
LVL 15

Accepted Solution

by:
adamdrayer earned 500 total points
ID: 11952536
are you running Active Directory?  What kind of network is this?

all aspects of domain administration is centralized.  You do not set local security policies to control this.  The user will be logging into the domain, not the local computer, so you need to deny him access to the domain fom that particular machine.  If you are using Active Directory, you can set this in the user properties in Active Directory Users and Computers.

If you are not using AD please specify what OS the domain controller and workstation is running
0
 
LVL 11

Author Comment

by:Jason210
ID: 11952733
Hello

Perfect! I am using AD and I found the security tab where you said it should and bingo.

Thanks!
0
 
LVL 11

Author Comment

by:Jason210
ID: 11952804
Would be obliged if you could tell me in the same column how, once I have found the computer in AD, how I go about restricting certain domain users from logging on to that computer?'

Thanks...
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 11952992

I'm not at a domain right now.  The only way I am sure how to do it is to go to the properties for the USER and click the ACCOUNT tab.  Then Click the "LOG ON TO" button and restrict Computers.

Sorry if you closed out the question too early.  If you would like, I'll post a question in the Windows 2000 forum asking if there is a way to do it by computer.
0
 
LVL 11

Author Comment

by:Jason210
ID: 11956064
Don't worry about my closing the question too early. I'm not at a domain right now either, but I'll go throgh what you said tomorrow and I can't get it to work then I'll repost the question myself-

Thnx
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question