[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Disable Cross-Domain Logins

Posted on 2007-04-02
2
Medium Priority
?
204 Views
Last Modified: 2010-04-18
The organization has one parent domain and three child domains.
In these domains, there are a few location specific "generic" logins for multiple users to share.
How do I disable logins between child domains on a specific set of computers. For example: If Computer1 is joined to child DomainA... how do I disable users on a Computer2 in child DomainB from logging in using credentials in DomainA? Basically, I don't want them to be able to hit the drop-down box and choose a domain other than the one the PC is joined to.

Thanks,
0
Comment
Question by:sometechguy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 2000 total points
ID: 18839017
You cannot remove a partial list of trusted domains from the drop-down box. If you wanted to pursue this option, you would need to make a Registry change on your clients that would disable the drop-down entirely; your users would need to log in by entering "Domain\Username" or "user@domain.com" in the username field.

A better choice in my opinion would be to confgure the "Logon Locally" user right within Group Policy to control who can log in where.  So you might configure a GPO for workstations in DomainA so that only DomainA\Domain Users have the logon locally right, and similarly for your other domains.

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 

Author Comment

by:sometechguy
ID: 18839072
Of Course! Why didn't I think of that! Thank you very much.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question