allow owa but not domain login to desktops

how can I allow OWA access only for an AD account but not long on rights to computers on that domain.

I have a request to create a generic mailbox where any one who knows the password of that account can log in using owa but they should be prevented from using that account to log on locally on to the desktop.( roughly 300 plus PC's)

Earlier on novell we had groupwise enabled user but not on NDS. Users used to use web access and reply to mails.
Now on exchange I have to create AD account inorder to create mailbox.

Could you please help.

Anil.

anilnadellaAsked:
Who is Participating?
 
chumpletConnect With a Mentor Commented:
Ahh... indeed.  If you type in a random computer name, however, the settings will stick.
0
 
chumpletCommented:
Within 'Active Directory Users & Computers', double-click on the account that you want to modify (to edit the Properties), select the ACCOUNT tab, click on the "Log On To..." button, and finally select the radio button for "The Following Computers".  Obviously you won't want to select any computers at that point... you're just telling it to only allow logon to 'these computers' but then don't select any.  I hope that makes sense.

Let me know how that goes! :)

Chumplet
0
 
anilnadellaAuthor Commented:
if I leave the field blank it will go back to all computers.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
anilnadellaAuthor Commented:
I have tested this by giving a specific computer name.
After the whole AD & Exch sync it is not allowing user to use OWA from other computers.

I have logged in as admin and tried to use OWA but it failed.
0
 
anilnadellaAuthor Commented:
I will take that back, it is working.

Thanks a lot!.
0
 
anilnadellaAuthor Commented:
I am sorry, it is not working after the current logged in user logged of.
I think AD restrictions were not propagated to loged in user.

The issue now is - I have a AD account (test1) with logon rights to specific computer a sper you advice.

If I login as admin on a workstation and try to access OWA for test1 it is repeatedly prompting for password and after three attempts it is showing access denied message.

Any more suggestions!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.