twcadmin
asked on
Join computer to domain but can't logon to computers
How do I create a user that can join a computer to the domain but can't logon to any computers?
I want to create a user for sysprep to use to join the computer to the domain but I don't want this user able to do anything else. I already added the user to "Add workstations to domain" right in the default group policy so all thats left is not letting the user log on. Is this possible? My first guess would be to add the user to "Deny logon locally" user right but would this prevent them from joining the computer to the domain? Can anyone suggest anything else to secure the account?
I want to create a user for sysprep to use to join the computer to the domain but I don't want this user able to do anything else. I already added the user to "Add workstations to domain" right in the default group policy so all thats left is not letting the user log on. Is this possible? My first guess would be to add the user to "Deny logon locally" user right but would this prevent them from joining the computer to the domain? Can anyone suggest anything else to secure the account?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER