Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Creating Restricted New Users

Posted on 2004-09-14
2
Medium Priority
?
189 Views
Last Modified: 2008-03-06
I want to create new users within Exchange 2000 that have full email functionality, but restrict them from sitting down at a workstation on our LAN (Windows 2000 domain) and log into the network.  What I'm noticing is that new users are members of the "Domain Users" group be default.  My thinking is if I remove them from this group, then they can not log into the LAN, but they also can not log into their email account (via OWA) because esentially it's part of the domain.  Am I on the wrong track here is there a way to restrict them from doing this?  

Sorry ahead of time if this question should be in the Windows 2000 Channel.
0
Comment
Question by:Clutch
2 Comments
 
LVL 15

Accepted Solution

by:
harleyjd earned 300 total points
ID: 12063374
Yeah, it probably should be in the W2k Channel, but half of the Q's there I've answered are exchange based...

In ADUC set the User "logon to" box to a computer that does not exist in your org. That means they will get denied on any valid workstation, but should still get OWA...

0
 
LVL 1

Author Comment

by:Clutch
ID: 12066754
harleyjd,

I added a "imaginary workstation to a test user's "Logon to" section of ADUC and at first it worked as far as keeping them from logging into workstations, but the bad news is they could not log into OWA.  I guess if you think about it, when they make an attempt to logon to OWA, what they are actually doing is logging into our Exchange server itself.

So, with that being said, I deleted the "imaginary workstation" from my test user's "logon to" box and added the name of our Exchange server.  This worked like a champ.  With this setting in place, I did some testing both on our LAN and from a remote user that accesses OWA from home.  

On the LAN they could not log into any workstations, but could successfully login to OWA.  So, I was in good shape there.

In the remote user's case, I was worried that they may still experience a problem logging into OWA since it's restricting their login to the name of our Exchange server, which may not be resolved since the workstation this user is using is entirely removed from our LAN.  However, it seemed to work just fine.

I think this will work fine.  

Thanks again!!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question