Solved

Restrict user logon access to computers

Posted on 2006-10-19
5
273 Views
Last Modified: 2010-04-18
Hello there,

I'm running a network based on Windows Server 2003 SP1 Enterprise Edition. My question is whether it is possible to restrict logon access to the users to specific computers, so that they cannot logon to all computers in the network - locally, that is.
I know that it is possible to go to each user's object in AD and specify the computers in 'Log On To...", but I was wondering whether there is a 'batch' way to do this through group policy or some script.
Thanks in advance.
0
Comment
Question by:ntossiou
  • 2
5 Comments
 
LVL 26

Accepted Solution

by:
Pber earned 125 total points
ID: 17765550
You can do limited batch processing from from ADUC.

Just select multiple users with ithe ADUC console (CTRL+Click) or (SHIFT+Click)

The right click the highlighted users and select properties then just select Account Computer Restrictions and Log On to.

This will only work if the group of users is restricted to the same machines.

Other than that, it can be scripted.
0
 

Author Comment

by:ntossiou
ID: 17765652
Pber,

Thanks for the quick reply. Any example scripts you could provide?
0
 
LVL 26

Expert Comment

by:Pber
ID: 17765692
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Instant VM Recovery 4 101
Elevating Domain functional level 9 127
what is the performance monitor? How can we use it? 3 71
Server configuration for MS Access - SQL Server app 8 77
So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question