Solved

How can I allow only admins to log into my servers

Posted on 2008-10-09
9
206 Views
Last Modified: 2010-04-21
How does one allow only administrators/admin group  to logon to the servers?  if so how?  Thanks!
0
Comment
Question by:12string
  • 5
  • 3
9 Comments
 
LVL 20

Expert Comment

by:wolfcamel
Comment Utility
by default only admins should have the login locally right
0
 
LVL 18

Expert Comment

by:sk_raja_raja
Comment Utility
To allow a user to only log on to some computers: Open the user-properties for the user by using ADUC, click on Account-tab and use the "Log on to"-button. Enter the computer names allowed to logon to.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
Comment Utility
on the server you are looking to do this on, define the below policy settings
Local security policy
User rights assignment
Allow logon locally

and add only the admin users you would like to login.
0
 

Author Comment

by:12string
Comment Utility
I only want to allow one administrator account or a group name to be able to log onto the servers.
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 

Author Comment

by:12string
Comment Utility
what I mean is only allow users that belong to a certain group be able to log onto the servers.
0
 

Author Comment

by:12string
Comment Utility
Hello sk_raja_raja is this the path that you mean?

Start Gpedit

Local Computer Policy - Computer Configuration - Windows Settings - Security Settings - Local Policies - Users Rights Assignment - Allow Log on locally

0
 

Author Comment

by:12string
Comment Utility
If that is the case how does one transfer that template to my other Windows servers?  or is this another question i need to post?
0
 
LVL 18

Accepted Solution

by:
sk_raja_raja earned 500 total points
Comment Utility
No you can better do this by domain group policy

1.Group all the servers in a OU
2.Create a new group policy and define the "allow log on locally" settings by adding the desired domain group on it.
3.Link this policy only to this OU and enforce it

So, this policy will be applied to all the servers on this OU
0
 

Author Closing Comment

by:12string
Comment Utility
Thanks that will work!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now