Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How can I allow only admins to log into my servers

Posted on 2008-10-09
9
Medium Priority
?
220 Views
Last Modified: 2010-04-21
How does one allow only administrators/admin group  to logon to the servers?  if so how?  Thanks!
0
Comment
Question by:12string
  • 5
  • 3
9 Comments
 
LVL 20

Expert Comment

by:wolfcamel
ID: 22679830
by default only admins should have the login locally right
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22679835
To allow a user to only log on to some computers: Open the user-properties for the user by using ADUC, click on Account-tab and use the "Log on to"-button. Enter the computer names allowed to logon to.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22679870
on the server you are looking to do this on, define the below policy settings
Local security policy
User rights assignment
Allow logon locally

and add only the admin users you would like to login.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:12string
ID: 22679882
I only want to allow one administrator account or a group name to be able to log onto the servers.
0
 

Author Comment

by:12string
ID: 22679906
what I mean is only allow users that belong to a certain group be able to log onto the servers.
0
 

Author Comment

by:12string
ID: 22680099
Hello sk_raja_raja is this the path that you mean?

Start Gpedit

Local Computer Policy - Computer Configuration - Windows Settings - Security Settings - Local Policies - Users Rights Assignment - Allow Log on locally

0
 

Author Comment

by:12string
ID: 22680124
If that is the case how does one transfer that template to my other Windows servers?  or is this another question i need to post?
0
 
LVL 18

Accepted Solution

by:
sk_raja_raja earned 2000 total points
ID: 22680197
No you can better do this by domain group policy

1.Group all the servers in a OU
2.Create a new group policy and define the "allow log on locally" settings by adding the desired domain group on it.
3.Link this policy only to this OU and enforce it

So, this policy will be applied to all the servers on this OU
0
 

Author Closing Comment

by:12string
ID: 31504716
Thanks that will work!
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After having deployed hundreds of thousands of Terminal Services seats worldwide, I still see all the time people asking me that same old question: "If TS/RDS is that reliable why are you telling me I should reboot it that often? My DC/SQL/Exchange/…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question