my environment is a windows 2003 AD, almost all PCs are XP SP3 and some are windows 7. I am wondering if there is any settings that i can setup on the AD such that i can control who can access to certain computer, i know i can setup individual user logon to particular computer. However, what i want to have is the reverse, that is setup a particular computer to allow access by certain users/groups. My primary concern will be remote desktop access.
e.g. computer A only allow group A to RDP to but not group B while computer B will have the reverse permission.
is that possible to do it on the server?