jasonbournecia
asked on
How to stop users logging onto DC
Is it possible to stop users logging onto the domain controller?
Please do not mention 'Deny log-on locally' I'm talkiing about users who accidently might put in their user name and password into RDC. Let's say I've just been on their machine using RDC. The next time they use RDC to connect to a remote server, they just hit connect, understandably, and do not notice the address field now points to our DC rather than the remote machine.
On the domain controller, 'Deny local log-on' only applies to users attempting to physically log-on the server; I think.
I just do not want accounts created on the domain controller except mine and admin.
Is this possible?
Is there a GPO setting that can stop this?
Cheers
Please do not mention 'Deny log-on locally' I'm talkiing about users who accidently might put in their user name and password into RDC. Let's say I've just been on their machine using RDC. The next time they use RDC to connect to a remote server, they just hit connect, understandably, and do not notice the address field now points to our DC rather than the remote machine.
On the domain controller, 'Deny local log-on' only applies to users attempting to physically log-on the server; I think.
I just do not want accounts created on the domain controller except mine and admin.
Is this possible?
Is there a GPO setting that can stop this?
Cheers
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
isnt there a setting on the DC itsself to only allow admins to log on?
Active directory should not allow anyone other than a domain admin, server admin, account operator, etc... To log in.
ASKER
Thanks Firebar,
Had a look at the setting, and it is not configured, therefore admin only.
What I don't understand is why under Documentss and settings on the server, the DC, was one of my users!!!!
Got her to try again and she is locked out.
Cheers
Had a look at the setting, and it is not configured, therefore admin only.
What I don't understand is why under Documentss and settings on the server, the DC, was one of my users!!!!
Got her to try again and she is locked out.
Cheers