Problem Restricting Users Logging onto specific PCs
Posted on 2006-05-19
I have enabled a security policy thru Active Directory>Users And Computers
where in the USER properties ACCOUNT>LOG ONTO WORKSTATION, I have defined the PCs for which each user is allowed to log onto.....this works great for Windows PCs connected to the LAN. Users can ONLY log onto the PCs which have been specified in their active directory profile.
However, I have 3 problems....
1) Laptops (these are connecting thru a wireless)......the domain userid is created on the laptop.....the user can log onto the domain, thru the laptop. Can connect to all network drives....the laptop's computer name is defined in the list of LOG ONTO WORKSTATIONS noted above....so far so good..... the problem is that the user can not
get Outlook to connect to the Exchange Server. Even, if the laptop is defined in the user's AD profile.
I have to allow the user to log onto any PC in order to get this to work.
2) Linux PCs using Evolution. Can not even successfully log onto domain, even if PC is joined to domain, unless the user profile in the AD is set to allow login to any PC.
Allowing users to log onto any PC violates our local security policy.
How can I restrict user logons to certain machines, but at the same time get Exchange to allow a connection from a laptop and allow a Linux PC to log on. ( and connect to the Exchange server with Evolution)
Please advise. Thanks.