How to restrict users to logon to local account where the PC is a member of Windows domain ?
Posted on 2009-04-11
We have Windows 2003 AD domain "example.com" where PCs are members of that domain and users are able to login on PCs through their domain account.
Now we would like to restrict users not to log on PCs through the local user accounts i.e. users must logon through their domain a/c only.
May be instead of the prompt [1. Username 2. Password 3. Log on to: = DOMAIN / PC-NAME (this computer)],
can we remove the the option " Log on to: = DOMAIN / PC-NAME (this computer)]" on all PCs or selectively on some?
We want the settings centrally so that for troubleshooting purpose if any time for a particular PC the local logon is required then we can enable that also.