Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How do I set my XP machine to not allow the domain policy to override it?

Posted on 2007-11-29
4
Medium Priority
?
231 Views
Last Modified: 2010-04-21
Someone logged onto my computer locally using the domain loggin.  I want to stop them.  Thanks.
0
Comment
Question by:Sp0cky
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 20374500
Please explain what you mean - you can't log on locally using a domain logon - they can log onto the domain FROM your computer - is that what you mean ?
0
 
LVL 19

Accepted Solution

by:
darron_chapman earned 1200 total points
ID: 20374590
You have to be a local admin for this to work

Control Panel
Administrative Tools
Local Security Policy
User Rights Assignments on the left (under Local Policies)
Double Click Log on locally (on the right)
Remove Domain Admins (and anyone else, just make sure you don't remove yourself)
0
 
LVL 4

Assisted Solution

by:oldPCguy
oldPCguy earned 800 total points
ID: 20374790
You can modify the local computer policy (run c:\windows\system32\secpol.msc /s) and modify the user rights assignments. Specifically the "Deny logon locally" setting. Many system administrators leave this at the default setting when creating security policies so the locally policy will stay in effect. Make sure you are very careful as to what accounts are added here as you may lock yourself out.

** I need to stress that If this machine is at your workplace, many corporate environments prohibit modifying security policies on local machines. This would be a violatation of IT policies and may result in disciplinary action and/or termination of employment.
0
 

Author Closing Comment

by:Sp0cky
ID: 31411685
Thanks guys.  I promise not to fire myself! :)
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question