?
Solved

1 computer only 1 account can login.

Posted on 2009-07-08
7
Medium Priority
?
307 Views
Last Modified: 2012-05-07
My computer joined domain, that means some people can login my computer and get data, how can I change only my account can login my computer, another domain account cannot even administrator? I am using windows XP sp3, DC: windows server 2003 RC2 SP2.

Please help me!
Thanks!
0
Comment
Question by:Mr_Bach
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 3

Expert Comment

by:Bransby-IT
ID: 24810864
Mr Back have I read your posting correctly?

Your computer is a member of a domain.
You have your own domain account on the computer and you wish that no one else logs into your computer?

I am almost certain that this is not possable but I will have a good look around.
0
 
LVL 14

Accepted Solution

by:
top_rung earned 1500 total points
ID: 24810889
As the Admin, you can use group policy to change the "logon locally" policy.  Make sure not to lock out administrators groups.  I guess for that matter,  you could also use the Deny Logon locally option.


Windows Settings>Security Settings>Local Policies>User Rights Assignment

0
 
LVL 19

Expert Comment

by:deroode
ID: 24811469
Or you could use a tool like Truecrypt to encrypt your harddrive. That way nobody can even startup the computer...

http://www.truecrypt.org/
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Expert Comment

by:taubc
ID: 24814910
Will your bios allow you to setup a password for bootup? If so lock down the machine via the bios and you dont have to worry about who has domain authorization.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 24816308
Keep in mind, if your Domain Admin sees that he cannot access your PC, you will probably be deffered to HR for violation of the Computer Usage policy (if there is one). You cant block out the Domain Admin. You might also have domain Service Accounts that need access to the PC to get it updated, rollout installs etc....
Just not feasible....
0
 
LVL 14

Expert Comment

by:top_rung
ID: 24822017
GPO is the proper way to do it.  If you are the admin (domain level), then you should have no problems with this method.   If you are not the Domain Admin, then you can use the other options, but as John stated, you run the risk of getting on the Domain Admins/HR bad side.   You will need to check with your IT org if you don't have the priveleges.
0
 

Expert Comment

by:taubc
ID: 24822506
If the data on your machine is that important that you dont trust your domain admin to have rights to see it then you need to encrypt. You also run the risk of losing said data if its not backed up, so you need a strategy there too.

This brings you to a honor system. If the data is private for corporate reasons then logging access is the only way to know who is seeing it.

0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

cPanel is a Unix based web hosting control panel that provides a graphical interface and automation tools designed to simplify the process of hosting a web site. cPanel utilizes a 3 tier structure that provides functionality for administrators, rese…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question