Solved

restrict computer for only one user in windows 2003 server

Posted on 2006-11-17
17
1,792 Views
Last Modified: 2008-01-09
hi
i have these question
if i have windows 2003 sever with active directory domain controller (domain oil.gov.iq)
and i have user1 and user2 and user3 and user4 .....etc(domain user)
with computer1 and computer2 and computer3 and computer4 ...etc (client computer)

i want to to alow only user1 to enter to computer1 and other user can not enter to this computer using domain username and password
and if i wnat the only user2 and user3 can enter to computer2

how i can restrict user from enter to specific   computer (only one username and password can enter to only one computer)

i mean if the user1 go to other computer (like computer2) i want the user can not enter to this computer using his username and pasword it can be enter to domain only from his computer (computer1)


its urgent

thanks
0
Comment
Question by:nasemabdullaa
  • 7
  • 5
  • 3
  • +1
17 Comments
 
LVL 14

Assisted Solution

by:inbarasan
inbarasan earned 50 total points
ID: 17963524
You may probably give Log on Locally rights only to that user in User rights assignment. You can access it from local security policy. Check it out
0
 
LVL 9

Accepted Solution

by:
csk_73 earned 300 total points
ID: 17963526
Hi nasemabdullaa,

Edit the AD user properties. In the accounts tab there is a button to set the computers where the user can log-in. I suppose it's something like "log-in from ..."
There you can set the computers the user can log-in.

Sorry, I'm not able to tell the exact name of the program, tab and button to press. I use spanish windows 2003.

Hope this helps!

Cesc
0
 

Author Comment

by:nasemabdullaa
ID: 17963576
hi
thanks for your reply
>>>Edit the AD user properties
iam enter to account user properties but i can not find where i can find (log-in)



>>>You may probably give Log on Locally rights only to that user
you mean from local security policy in server


thanks
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 14

Expert Comment

by:inbarasan
ID: 17963594
I belive that he is requesting you to do this from AD. Log in DC and open Active directory users and computers. Click on the user and go to properties
There you will login from.

Check it
0
 

Author Comment

by:nasemabdullaa
ID: 17963622
hi
thanks for your reply
can i add more than one user for only one computer

thanks
0
 
LVL 9

Expert Comment

by:csk_73
ID: 17963642
you can set many users to log on one computer, simply add the same computer to the allowed workstations list for each user that you want to be able to log onto that computer.

You are setting to what computers can log each user.

Cesc
0
 

Author Comment

by:nasemabdullaa
ID: 17963724
hi
thanks for your reply
in user properties i found this bottom
general - address - account- profile-telephon-  organization-environment -session-remote control-terminal service profile - com+-publish certificat -member off- dial in- object-security

there is no bottom  login from

thanks
0
 
LVL 43

Assisted Solution

by:Steve Knight
Steve Knight earned 150 total points
ID: 17963799
Just to clarify a little, I think what is being suggested at here is under the account tab there is a "logon to" button.  Click in there and add the computernames of the computers you like the person to logon to -- add as many as you want, i.e. for user1 just add computer1, for user2 add computer2 and user3 add computer2

The other way is to restrict their user accounts by amending the local security policy as also suggested or through a group policy but if this is really for a handful of machines then do as above.

Steve
0
 

Author Comment

by:nasemabdullaa
ID: 17963828
hi
thanks for your reply
>>>The other way is to restrict their user accounts by amending the local security policy
can you explain more
how i can do that

thanks
0
 
LVL 43

Assisted Solution

by:Steve Knight
Steve Knight earned 150 total points
ID: 17964030
As inbarasan said originally really.... Assuming nothing has been set at the domain level you could go to Admin Tools | |local security policy, drill down under computer settings and user rights and enter the Allow logon locally user right.  This will list the users and groups that can logon to this comptuer from the console.

You can uncheck ones you don't want .... make sure at least Admins group is in there eh....

or You can add people you DON'T want to logon to the Deny Logon locally user right either through a new local group you create or directly with their username,

Alternative is to remove the users from the local groups, i.e. rather than havign the "domain users" group as a member of the local Users group (computer managemtn, user and groups, .... etc.) remove it and instead add user1.  Then only user1 is in the Users group and the Users group has access to the PC...

hth

Steve
0
 

Author Comment

by:nasemabdullaa
ID: 17965088
hi
thanks for all
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17965634
"hi, thanks for all".

For future reference there is a Split points button at the bottom of the quesiton...
0
 

Author Comment

by:nasemabdullaa
ID: 17965691
hi dragon-it
iam realy sorry
i do not know i can split the point

iam sorry again

thank
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17965801
Should you change your mind or want any amendments in the future all you have to do is post a question here

http://www.experts-exchange.com/Community_Support/

0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17986423
Thanks!

Steve
0
 
LVL 14

Expert Comment

by:inbarasan
ID: 17986741
Thanks nasemabdullaa
0
 

Author Comment

by:nasemabdullaa
ID: 17987403
hi
thanks dragon-it and inbarasan and  csk_73
for help to me

0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How can I increase the cpu to the virtual machines? 5 90
Problem pinging RRAS server from outside the network 11 87
What is this Task? 4 111
DHCP lease duration / Migration 8 53
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question