• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

How can I prevent someone from logging into the local machine (as opposed to the domain)

I've got a user that is getting around the policies that are in effect here by logging into the local pc and not our domain. He is thus able to "detect internet connection automatically" and connect straight through our router instead of the web proxy that's in place.
0
dwielgosz
Asked:
dwielgosz
2 Solutions
 
Pete LongConsultantCommented:
only allow out the IP address of the web Proxy on either the firewall of the router on TCP Port 80
0
 
dwielgoszAuthor Commented:
Don't want to totally restrict flow to 1 IP because there are several PCs in my server room that don't like having to go through the web proxy.
0
 
Pete LongConsultantCommented:
or on the client PC (or through domain policy if this is rife on your network)
Start > run > Gpedit.msc
Computer Configuration branch to expand it, and then double-click the Windows Setting branch to expand it.
Double-click the Security Settings branch to expand it, and then double-click the Local Policies branch to expand it.
Double-click the User Rights Assignment branch to expand it, double-click the Log On Locally branch to expand it,

Add in Domain users, and remove all the local groups except Administrators

job done :)
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
dwielgoszAuthor Commented:
Sounds good except the login that's being used is the local administrator account. Is there a way on the network to set the admin p/w on a local machine? I suppose I could restrict that machine to a static IP and then exclude that address on the cisco router. hahaha another learning curve.
0
 
Seelan NaidooMicrosoft Systems AdminCommented:
login as a Domain Admin and change the admin password, so how he cannot bypass domain security, or disable the account completely.
0
 
Rich RumbleSecurity SamuraiCommented:
You cannot disable the local admin account. You can however change the password with ease, right-click my computer, go to manage, then right-click "Computer managment (local)" and select "connect to another computer..." typo in the ip or the machine name, then reset the local admin pass, and any others also, he could be using the guest account if it's enabled, the guest account by default has no pass, but is disabled by default. If he's created other accounts, disable them, and reset their pass's.
-rich
0
 
dwielgoszAuthor Commented:
Yes, thank you both. I should have thought of that myself.  I did not want to physically go into that office and change it, I had forgotten about the remote login through "manage". Thought splitting the points was the best solution. The password has been changed already.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now