?
Solved

Disable Cross-Domain Logins

Posted on 2007-04-02
2
Medium Priority
?
200 Views
Last Modified: 2010-04-18
The organization has one parent domain and three child domains.
In these domains, there are a few location specific "generic" logins for multiple users to share.
How do I disable logins between child domains on a specific set of computers. For example: If Computer1 is joined to child DomainA... how do I disable users on a Computer2 in child DomainB from logging in using credentials in DomainA? Basically, I don't want them to be able to hit the drop-down box and choose a domain other than the one the PC is joined to.

Thanks,
0
Comment
Question by:sometechguy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 2000 total points
ID: 18839017
You cannot remove a partial list of trusted domains from the drop-down box. If you wanted to pursue this option, you would need to make a Registry change on your clients that would disable the drop-down entirely; your users would need to log in by entering "Domain\Username" or "user@domain.com" in the username field.

A better choice in my opinion would be to confgure the "Logon Locally" user right within Group Policy to control who can log in where.  So you might configure a GPO for workstations in DomainA so that only DomainA\Domain Users have the logon locally right, and similarly for your other domains.

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 

Author Comment

by:sometechguy
ID: 18839072
Of Course! Why didn't I think of that! Thank you very much.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Here's a look at newsworthy articles and community happenings during the last month.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month12 days, 13 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question