?
Solved

Can you set Log On To with a Group Policy?

Posted on 2010-01-11
1
Medium Priority
?
247 Views
Last Modified: 2012-05-08
I know you can go to a user's properties in AD, to the account tab, and select log on to which will restrict their ability to log in to certain machines.  Is there a way to set this using a group policy?  I'd like to set this for an entire OU instead of clicking on a bunch of accounts.  I am using Active Directory 2008.
0
Comment
Question by:jdouthit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 7

Accepted Solution

by:
himvy earned 500 total points
ID: 26288278
Open the GPO linked to the ou that contains the computers in question.
Open the COMPUTER configuration / Windows Settings / Security Settings / Local Policies / User Rights Assignement.
Here find the key "Log on Localy".
This is the one you want!
Edit it.
In it's window, check "Define this Policy" and then add click on "Add user or group" button. Add the users and groups that you want to be able to log on interactively (that means at the machine). Make sure you include the Administrators group. This will be the admins for the local machine. It does not work without it.

 
OR,check out the link below:

http://blog.unflap.com/2009/11/02/restrict-ad-users-from-certain-domain-machines-in-server-2003/
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question