Link to home
Start Free TrialLog in
Avatar of erndog5800
erndog5800

asked on

Restrict logon hours by user and location through group policy?

I have a Windows Server 2003 domain with 2K clients and there are several labs that I'd like to restrict access to after a certain time of day.  Simply limiting logon hours doesn't help me because I need users to have access to computers in other sections of the building.  Is there any way for me to selectively limit logon hours based on workstations or OUs?

SOLUTION
Avatar of CoccoBill
CoccoBill
Flag of Finland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of erndog5800
erndog5800

ASKER

Hmm.  I'd prefer to not have to buy software, and we're talking about a few hundred workstations.  I suppose a script could be written that checks the name of the workstation, as all of the PC's in that lab start with the same characters.  For example, all machines in lab 321 are named LAB-321-01, 02, 03, etc.  Can you do machine name wildcards in scripting? I was hoping there was something built into windows server 2003 that I was missing, but a script- or software purchase- may be the only way to do this.  Any other thoughts?
ASKER CERTIFIED SOLUTION
Avatar of David Lee
David Lee
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of erndog5800
erndog5800

ASKER

Which is exactly what I ended up doing.  I just wrote a .vbs script that checks the time and logs out the user if it is after the time the lab is supposed to be closed.  The labs are in their own OUs, so I just run scripts in those OUs that call the .vbs file

 Thanks!