donfornio
asked on
Username Wildcards
Is there any way to choose every user on a certain computer when assigning user rights? That is, is there a wildcard such as %localcomputer%/* that will include every user in the local computer?
ASKER
Thanks for the comment two people hk, but I believe that environmental variable only works for the user currently logged into the computer, or am I wrong? I'm more looking for something that will select every user account on the local computer, is this possible?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The net users command certainly helps, thanks so much for the help!
What are you trying to do? Most system administrators assign permissions based off of group membership. Whenever a user is added to a machine locally, they are put in the machinename\Users group and therefore you could use the machinename\Users group to assign permissions to all the users on the machine.
ASKER
Well, the end result here is to deny access to terminal services to all local user accounts and allow only domain user accounts in the administrators group. So, if I can allow the administrators group, but specifically deny all other local user accounts (whatever they may be) I believe it may solve the problem.
Is this on a terminal server or just denying the user from using mstsc.exe? Take a look at this for restricting certain users from logging on to a terminal server. http://www.petri.co.il/forums/showthread.php?t=10183
Here are all the windows variables:
http://vlaurie.com/computers2/Articles/environment.htm
But assign user right is better to use Group Policy.