boomtech
asked on
lock a user’s account
Question:
How can I lock a user’s account at 3:30 pm that the user can’t get access to his computer until I unlock his account we are on a Windows server 2003 Active directory with XP pro clients
Thanks
Phil
How can I lock a user’s account at 3:30 pm that the user can’t get access to his computer until I unlock his account we are on a Windows server 2003 Active directory with XP pro clients
Thanks
Phil
Last Comment
In the Account properties of that user, there is an option that says Logon Hours, that option allows you to deny access to that account in the hours and days you specify. Select those hours and the click in the Logon Denied radio button. Hope it helps
The quick and dirty way would be to disallow logins from that account based on time of day which you can do in the properties of the user's account. A different way, albeit more complicated would be to programmatically disable the account using a vb
Oops! to continue... you can write a script to disable the account and launch it from the scheduled tasks utility on the server. You probably find a script to do this on www.microsoft.com/technet under the scripting section.
ASKER
I’m not very familiar with the scripting can you be a little more specific and I only nned it for one user account
Thanks
Phil
Thanks
Phil
Boom, the clarify something here, should the users account be locked everyday at 3:30 pm, and then unlocked in the morning? If so aquevedo81's solution would be perfect.
Or are you trying to lock the user out at 3:30 each day until manually unlocked?
Or is this a one time deal for the user, such as a suspension/termination type case?
Or are you trying to lock the user out at 3:30 each day until manually unlocked?
Or is this a one time deal for the user, such as a suspension/termination type case?
ASKER
one time deal for the user, such as a suspension/termination type case
You could go really low tech and try logging in as him several times with a bad password at 3:30!;)
ASKER
I was trying to do this without my interaction I will be at a dentist appointment at 3 pm
Worst case scenario, adopt aquevedo81's tactic for the logon hours (ie, allow access from 2 hours before his normal start time, deny after 3:30pm) and then you can disable/delete the account in your normal process/procedures after your appointment or the next morning.
ASKER
You can’t set ½ hours only 1 hour increment that will also not log the user off there current computer
A locked account does not log a user off either, but it can restrict their access if future authentication is required. I assume someone is going to walk this terminated user out? If so, they can be just instructed to log the user off.
I would assume you are trying to remove access so the user cannot get in via any sort of remote access after being removed from the site? Or are you trying to just cut them off as they work?
I would assume you are trying to remove access so the user cannot get in via any sort of remote access after being removed from the site? Or are you trying to just cut them off as they work?
The command:
net user <username> /active:no
will lock the account. Change no to yes to unlock.
net user <username> /active:no
will lock the account. Change no to yes to unlock.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Windows XP
Microsoft Windows XP is the sixth release of the NT series of operating systems, and was the first to be marketed in a variety of editions: XP Home and XP Professional, designed for business and power users. The advanced features in XP Professional are generally disabled in Home Edition, but are there and can be activated. There were two 64-bit editions, an embedded edition and a tablet edition.
119K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
