Solved

Control which users can login to a machine w/Active Directory

Posted on 2004-09-18
1
157 Views
Last Modified: 2012-05-05
I'm running 2003 server with Active Directory
How can I control which users can login to specific machines.
Right now even though everyone has their own account, Everyone can log into every computer and get into everyone elses stuff using windows explorer and its causing big problems with people snooping around.

I need to basically assign users to computers and block everyone else who shouldn't be allowed to use them from being able to log into them.

Please describe step by step how to assign certain computers to a user / block all but certain users from a machine using Active Directory.

Thanks!
0
Comment
Question by:Matrix1000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 12093198
In ADUC, in the user's profile, you can specify which machine(s) the user is allowed to logon.
But that's only treating the symptoms, not the cause.
If people are able to "snoop around", then your permissions are set incorrectly. With correct permissions set, people can logon to any machine without seeing anybody else's files. Assign home drives to your users, let them store their data there, which gives you the possibility to backup that data as well. Set proper NTFS permissions on the home drives, and your users could even (but shouldn't) be local administrators on the machine, without having access to other people's data.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question