Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 301
  • Last Modified:

How can I restrict a user to only be able to log on to a specific machine?

The title says it all :) ... Windows 2008 Active Directory
0
VanAlex
Asked:
VanAlex
  • 2
1 Solution
 
superizCommented:
Remove the user from any security group that is allowed to log into the machines you want to prevent him from using.
0
 
superizCommented:
More: ... and then add him to a group that is allowed to log into the machine you want him to use.

Example:

If your machines generally allow the "Domain Users" group to login, then remove the user from the domain users group. Manually add the users domain account to the "Local Users" or "Local Administrators" group on the specific machine you want him to use. You probably want to create a new domain group to assign these rights since you will probably have add additional permissions for the user to access domain resources once he is removed from the domain users group.
0
 
VanAlexAuthor Commented:
That will bring a whole lot of new problems... In this case it will be preferable then, to not allow him to log on on specific machines, than to do it an all machines.
0
 
Henrik JohanssonSystems engineerCommented:
In ADUC: Open user properties->Account tab
Click "Log on to" and add the computers he's allowed to logon to.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now