[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Limiting login to specific computer (domain)

Posted on 2004-10-12
11
Medium Priority
?
192 Views
Last Modified: 2010-04-14
We run a Windows 2000 DC here (active directory).  As you know, you can go anywhere and log into anyone's computer as long as you have a domain account. I need a way to prevent this from happening on my boss's PC. I want him to be the only one who can log into HIS pc

Is this something that is feasible? If so, does it  have to be defined at the domain level?
Thanks
0
Comment
Question by:dissolved
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 12287505
yes

start >run  >gpedit.msc

locate the "log on Locally" right and remove everyone exept domain administrators and your bosses user account
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 1600 total points
ID: 12287534
look in computer configuration > windows settings > security settings > local policies > user rights assignment > log on locally

double click it and add in your bosses user aboject then remove everyone else (though Id add domain admins to be on the safe side)
0
 

Author Comment

by:dissolved
ID: 12287625
Ok, so it is local policy I will be doing then?
0
Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

 

Author Comment

by:dissolved
ID: 12287686
Ok, just did it. Added her and myself to have local log in rights.

However, it would not let me click "APPLY" unless I added  "ADMINISTRATORS" to the logon local.  Is there anyway to have just her and I? Why must I include administrators? Any work around

Thanks Pete!
0
 
LVL 25

Assisted Solution

by:mikeleebrla
mikeleebrla earned 400 total points
ID: 12288396
administrators must be there, otherwize no administrator could log into the computer,,, and thats what administrators do.  Aren't you an admin?  So by adding the administrators you are already adding yourself.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12289083
mike is correct the administrators group is the local admin group on that PC anyway, as long as there is no one in that group (exept administrator of course you will be fine)
0
 

Author Comment

by:dissolved
ID: 12289163
If I add my domain account (which is a domain admin) and my boss's domain account , wouldnt that let me log in anyway?
0
 

Author Comment

by:dissolved
ID: 12289184
also, if there is a domain GPO that is created later down the road, it will take precedence over this local configuration I just did right?
THanks guys
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12289220
>>If I add my domain account (which is a domain admin) and my boss's domain account , wouldnt that let me log in anyway?

yes

>>also, if there is a domain GPO that is created later down the road, it will take precedence over this local configuration I just did right?

YES! if this is going to be a problem create an OU put this PC in it and create a GPO just for that OU
0
 

Author Comment

by:dissolved
ID: 12290449
thanks guys
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12295314
ThanQ
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question