[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Problem Restricting Users Logging onto specific PCs

Posted on 2006-05-19
Medium Priority
Last Modified: 2010-04-11

I have enabled a security policy thru Active Directory>Users And Computers
where in the USER properties ACCOUNT>LOG ONTO WORKSTATION, I have defined the PCs for which each user is allowed to log onto.....this works great for Windows PCs connected to the LAN.  Users can ONLY log onto the PCs which have been specified in their active directory profile.

 However,  I have 3 problems....

1) Laptops (these are connecting thru a wireless)......the domain userid is created on the laptop.....the user can log onto the domain, thru the laptop.  Can connect to all network drives....the laptop's computer name is defined in the list of LOG ONTO WORKSTATIONS noted above....so far so good.....  the problem is that the user can not
get Outlook to connect to the Exchange Server.  Even, if the laptop is defined in the user's AD profile.
I have to allow the user to log onto any PC in order to get this to work.

2) Linux PCs using Evolution.  Can not even successfully log onto domain, even if PC is joined to domain,  unless the user profile in the AD is set to allow login to any PC.

Allowing users to log onto any PC violates our local security policy.

How can I restrict user logons to certain machines, but at the same time get Exchange to allow a connection from a laptop and allow a Linux PC to log on. ( and connect to the Exchange server with Evolution)

Please advise.  Thanks.
Question by:rstuemke
  • 2

Accepted Solution

sr1xxon earned 2000 total points
ID: 16719089
1. give the laptop users the right to log on to the exchange server over the network.

2. if your linux pc's have rights to log on to your DC's, can they then log onto the domain and access priveleged resources?


Author Comment

ID: 16719391
I am a filthly liar.........I meant OWA in the first posting and not Outlook.  Outlook works fine if the PC is joined to the domain.  It is OWA which has the problem, requiring me to remove logon restrictions.

Linux also has the problem with OWA, AND LOGON.

The laptops and home PCs are having problems with OWA.

All pcs and laptops are in the same OU.

Laptop users login as domain users, the domain userid is created on the laptop and they log into the domain.

Linux users also log into the domain, in a similar set up.

Author Comment

ID: 16721068
Allowing the user to logon to the exchange server fixed the problem.....this server is not accessible so no security risk....besides, the users will be ignorant........ignorance....one of the best security policies around.....

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Securing your business data in current era should be your biggest priority. Numerous people are unaware of the fact that insiders commit more than 60 percent of security breaches. You need to figure out the underlying cause and invoke your potential…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question