Solved

Control which users can login to a machine w/Active Directory

Posted on 2004-09-18
1
158 Views
Last Modified: 2012-05-05
I'm running 2003 server with Active Directory
How can I control which users can login to specific machines.
Right now even though everyone has their own account, Everyone can log into every computer and get into everyone elses stuff using windows explorer and its causing big problems with people snooping around.

I need to basically assign users to computers and block everyone else who shouldn't be allowed to use them from being able to log into them.

Please describe step by step how to assign certain computers to a user / block all but certain users from a machine using Active Directory.

Thanks!
0
Comment
Question by:Matrix1000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 12093198
In ADUC, in the user's profile, you can specify which machine(s) the user is allowed to logon.
But that's only treating the symptoms, not the cause.
If people are able to "snoop around", then your permissions are set incorrectly. With correct permissions set, people can logon to any machine without seeing anybody else's files. Assign home drives to your users, let them store their data there, which gives you the possibility to backup that data as well. Set proper NTFS permissions on the home drives, and your users could even (but shouldn't) be local administrators on the machine, without having access to other people's data.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question