[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 305
  • Last Modified:

How can I restrict a user to only be able to log on to a specific machine?

The title says it all :) ... Windows 2008 Active Directory
0
VanAlex
Asked:
VanAlex
  • 2
1 Solution
 
superizCommented:
Remove the user from any security group that is allowed to log into the machines you want to prevent him from using.
0
 
superizCommented:
More: ... and then add him to a group that is allowed to log into the machine you want him to use.

Example:

If your machines generally allow the "Domain Users" group to login, then remove the user from the domain users group. Manually add the users domain account to the "Local Users" or "Local Administrators" group on the specific machine you want him to use. You probably want to create a new domain group to assign these rights since you will probably have add additional permissions for the user to access domain resources once he is removed from the domain users group.
0
 
VanAlexAuthor Commented:
That will bring a whole lot of new problems... In this case it will be preferable then, to not allow him to log on on specific machines, than to do it an all machines.
0
 
Henrik JohanssonSystems engineerCommented:
In ADUC: Open user properties->Account tab
Click "Log on to" and add the computers he's allowed to logon to.
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now