RobinAWilson
asked on
Resrtict a domain user or users in security group so that they can only log onto our portal server?
The senario is that we are school and have issued our parents with a username and a password in order for them to read details from our portal web site. We fear that a pupil will learn his parents password and use it to log onto the domain via an internal domain terminal. We want to restrict the logon so that it can only authenticate to the portal. The portal web pages are secured by domain user authentication. Thanks, Robin
QBRad
In Group Policy you could specifically deny them access and logon rights to every server except that one.
ASKER
If this is the case will they not need access to both a domain controller for authentication and the portal server?
Yes, dont block access to the domain controller but you dont have to allow them login rights to the domain controller either.
In Group Policy you can state:
Access this computer from the network
and
Allow logon through terminal services
I would set both of these to deny the parents on every server and on the dc just deny the logon part.
In Group Policy you can state:
Access this computer from the network
and
Allow logon through terminal services
I would set both of these to deny the parents on every server and on the dc just deny the logon part.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.